Denial-of-Service Vulnerability in NETGEAR N300 Wireless Router
CVE-2019-5055

7.5HIGH

Key Information:

Vendor: Netgear
Status: N300 Wnr2000v5
Vendor: CVE Published:; 11 September 2019

Summary

An exploitable issue has been identified in the Host Access Point Daemon (hostapd) of the NETGEAR N300 (WNR2000v5) wireless router. Attackers can disrupt the availability of the service by sending a specifically crafted SOAP request that follows an invalid sequence. This action may lead to a null pointer dereference, ultimately causing the hostapd service to crash. As a result, this vulnerability allows unauthenticated individuals to launch denial-of-service attacks targeting this device.

Affected Version(s)

N300 WNR2000v5 Firmware Version V1.0.0.70

References

https://talosintelligence.com/vulnerability_reports/TALOS...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2019
Vulnerability Reserved
Jan 4, 2019