This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15806.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgear d7800_firmware |
||
netgear ex6200_firmware |
||
netgear ex8000_firmware |
||
netgear r6220_firmware |
||
netgear r6230_firmware |
||
netgear r6400_firmware |
||
netgear r6700_firmware |
||
netgear r7000_firmware |
||
netgear r7800_firmware |