Published:2024/04/24 Last Updated:2024/04/24
JVNVU#91883072
NETGEAR routers vulnerable to buffer overflow
Overview
Multiple routers provided by NETGEAR Inc. contain a buffer overflow vulnerability.
Products Affected
- RAX35 firmware versions prior to 1.0.6.106
- RAX38 firmware versions prior to 1.0.6.106
- RAX40 firmware versions prior to 1.0.6.106
Description
Multiple routers provided by NETGEAR Inc. contain a buffer overflow vulnerability (CWE-121, CVE-2023-27368).
Impact
An unauthenticated attacker may bypass authentication for the products.
Solution
Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| NETGEAR Inc. | Security Advisory for Authentication Bypass on Some Routers, PSV-2023-0166 |
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score:
8.8
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
Credit
Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.