CVE-2023-39550: Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and…

high8.8CVSS 3.1

AVNACLPRLUINSUCHIHAH

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function.

Affected

3 ranges

Vendor	Product	Version range	Fixed in
netgear	jwnr2000v2_firmware	—	—
netgear	xavn2001v2_firmware	—	—
netgear	xwn5001_firmware	—	—