CVE-2021-38523 — Out-of-bounds Write in Netgear R6400 Firmware

Severity

7.2HIGHNVD

CNA6.9

EPSS

0.7%

top 28.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 11

Latest updateMay 24

Description

NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

GHSA

GHSA-jqvr-33gh-5xm9: NETGEAR R6400 devices before 1↗2022-05-24

▶

CVEList

CVE-2021-38523: NETGEAR R6400 devices before 1↗2021-08-11

▶