NETGEAR.Multiple.Products.Firmware.Upload.Stack.Buffer.Overflow

Description

This indicates an attempt to exploit a stack buffer overflow vulnerability in the firmware upload handling of multiple Netgear products.
The vulnerability is due to improper validation of the length of user-supplied data in the header of firmware files. A remote attacker may exploit this vulnerability by enticing the victim to open a crafted firmware file using the vulnerable version of the software. Successful exploitation could lead to code execution under the security context of the user. Failed exploits will likely crash the application, leading to a Denial of Service condition.

Affected Products

AC1450 All versions
D6220 v1.0.0.52
D6300 All versions
D6400 v1.0.0.88
D7000v2 v1.0.0.56
D8500 v1.0.3.44
DC112A v1.0.0.44
DGN2200v1 All versions
DGN2200M All versions
DGN2200v4 v1.0.0.110
DGND3700v1 All versions
EAX20 v1.0.0.32
EAX80 v1.0.0.36
EX3700 v1.0.0.78
EX3800 v1.0.0.78
EX3920 v1.0.0.78
EX6000 v1.0.0.38
EX6100 v1.0.2.24
EX6120 v1.0.0.48
EX6130 v1.0.0.30
EX6150 v1.0.0.42
EX6200 v1.0.3.90
EX6920 v1.0.0.40
EX7000 v1.1.0.84
EX7500 v1.0.0.52
LG2200D All versions
MBM621 All versions
MBR1200 All versions
MBR1515 All versions
MBR1516 All versions
MBR624GU All versions
MBRN3000 All versions
MVBR1210C All versions
R4500 All versions
R6200 All versions
R6200v2 All versions
R6250 v1.0.4.38
R6300v1 All versions
R6300v2 v1.0.4.36
R6400 v1.0.1.52
R6400v2 v1.0.4.84
R6700 v1.0.2.8
R6700v3 v1.0.4.84
R6900 v1.0.2.8
R6900P v1.3.1.64
R7000 v1.0.11.100
R7000P v1.3.1.64
R7100LG v1.0.0.52
R7300DST All versions
R7850 v1.0.5.48
R7900 v1.0.3.18
R7900P v1.4.1.50
R8000 v1.0.4.46
R8000P v1.4.1.50
R8300 v1.0.2.130
R8500 v1.0.2.130
RS400 v1.5.0.34
WGR614v10 All versions
WGR614v8 All versions
WGR614v9 All versions
WGT624v4 All versions
WN2500RP All versions
WN2500RPv2 All versions
WN3000RP All versions
WN3000RPv2 All versions
WN3000RPv3 All versions
WN3100RP All versions
WN3100RPv2 All versions
WN3500RP All versions
WNCE3001 All versions
WNCE3001v2 All versions
WNDR3300v1 All versions
WNDR3300v2 All versions
WNDR3400v1 All versions
WNDR3400v2 All versions
WNDR3400v3 All versions
WNDR3700v3 All versions
WNDR4000 All versions
WNDR4500 All versions
WNDR4500v2 All versions
WNR1000v3 v1.0.2.72
WNR2000v2 v1.2.0.8
WNR3500v1 All versions
WNR3500Lv1 All versions
WNR3500Lv2 v1.2.0.56
WNR3500v2 All versions
WNR834Bv2 All versions
XR300 v1.0.3.38

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date        Version  Detail
2020-10-19  16.945   Default_action:pass:drop
2020-10-07  16.939   Sig Added
2020-09-22  16.930