⚠ Actively exploited
Added to CISA KEV on 2022-06-08. Federal agencies required to patch by 2022-06-22. Required action: Apply updates per vendor instructions..

CVE-2017-6862

CWE-120Classic Buffer OverflowCWE-119Buffer Overflow6 documents6 sources
Severity
9.8CRITICAL
EPSS
37.5%
top 2.81%
CISA KEV
KEV
Added 2022-06-08
Due 2022-06-22
Exploit
Exploited in wild
Active exploitation observed
Affected products
3
Netgear Wnr2000v3 FirmwareNetgear Wnr2000v4 FirmwareNetgear Wnr2000v5 Firmware
Timeline
PublishedMay 26
KEV addedJun 8
KEV dueJun 22
Latest updateSep 6
CISA Required Action: Apply updates per vendor instructions.

Description

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

🔴Vulnerability Details

3
GHSA
GHSA-xjjj-92c2-q84f: NETGEAR WNR2000v3 devices before 12022-05-17
CVEList
CVE-2017-6862: NETGEAR WNR2000v3 devices before 12017-05-26
VulnCheck
NETGEAR Multiple Devices Buffer Overflow Vulnerability2017

🔍Detection Rules

1
Suricata
ET EXPLOIT NetGear WNR2000v5 Buffer Overflow Attempt Inbound (CVE-2017-6862)2022-09-06

📋Vendor Advisories

1
CISA
NETGEAR Multiple Devices Buffer Overflow Vulnerability2022-06-08
CVE-2017-6862 (CRITICAL CVSS 9.8) | NETGEAR WNR2000v3 devices before 1. | cvebase.io