Buffer Overflow Vulnerability in NETGEAR R6700 Router
CVE-2020-15635
8.8 HIGH
Summary
This vulnerability permits remote attackers to execute arbitrary code on NETGEAR R6700 routers running firmware version 1.0.4.84_10.0.58 due to a buffer overflow in the acsd service. The service, which listens on TCP port 5916 by default, does not properly validate the length of user-supplied data before copying it into a fixed-length buffer. Because the issue is exploitable without authentication, attackers can potentially take control of the router with admin privileges.
Affected Version(s)
R6700 1.0.4.84_10.0.58
CVSS V3.1
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Pedro Ribeiro (@pedrib1337) and Radek Domanski (@RabbitPro)