CVE-2021-29068

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
8.8HIGH
EPSS
0.6%
top 31.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
80
Netgear Ac2100 FirmwareNetgear Ac2400 FirmwareNetgear Ac2600 Firmware+77 more
Timeline
PublishedMar 23
Latest updateMay 24

Description

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 3.1 | Impact: 6.0

Affected Packages80 packages

NVDnetgear/r6900p_firmware< 1.3.2.124
NVDnetgear/r7000p_firmware< 1.3.2.124
NVDnetgear/r7900p_firmware< 1.4.1.62
NVDnetgear/r8000p_firmware< 1.4.1.62
NVDnetgear/rax200_firmware< 1.0.2.102

🔴Vulnerability Details

2
GHSA
GHSA-4223-wcr9-hvjq: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user2022-05-24
CVEList
CVE-2021-29068: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user2021-03-23
CVE-2021-29068 (HIGH CVSS 8.8) | Certain NETGEAR devices are affecte | cvebase.io