CVE-2021-31802 β€” Out-of-bounds Write in Netgear R7000 Firmware

CWE-787 β€” Out-of-bounds Write3 documents3 sources
Severity
8.8HIGHNVD
EPSS
13.7%
top 5.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netgear R7000 Firmware
Timeline
PublishedApr 26
Latest updateMay 24

Description

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length value is trusted during a backup.cgi file upload. The attacker must add a \n before the Content-Length header.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

β–ΆNVDnetgear/r7000_firmware1.0.11.116

πŸ”΄Vulnerability Details

2
GHSA
GHSA-89v8-28p6-p87r: NETGEAR R7000 1β†—2022-05-24
β–Ά
CVEList
CVE-2021-31802: NETGEAR R7000 1β†—2021-04-26
β–Ά
CVE-2021-31802 β€” Out-of-bounds Write in Netgear | cvebase