CVE-2022-48322

EUVD-2022-51022
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
netgearmr60_firmware
𝑥
< 1.1.7.132
netgearms60_firmware
𝑥
< 1.1.7.132
netgearr6900p_firmware
𝑥
< 1.3.3.154
netgearr7000p_firmware
𝑥
< 1.3.3.154
netgearr7960p_firmware
𝑥
< 1.4.4.94
netgearr8000p_firmware
𝑥
< 1.4.4.94
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.netgear.com/000065265/Security-Advisory-for-Pre-authentication-Buffer-Overflow-on-Multiple-Products-PSV-2022-0155
https://kb.netgear.com/000065265/Security-Advisory-for-Pre-authentication-Buffer-Overflow-on-Multiple-Products-PSV-2022-0155