Remote Code Execution Vulnerability in NETGEAR Nighthawk R7000 Router
CVE-2020-28041

6.5MEDIUM

Key Information:

Vendor

Netgear
Status
Nighthawk R7000 Firmware
Vendor
CVE Published:
2 November 2020

What is CVE-2020-28041?

The SIP ALG feature in NETGEAR's Nighthawk R7000 router may allow remote attackers to exploit NAT Slipstreaming. By directing a victim to a malicious website through a modern browser, attackers can communicate with internal TCP and UDP services on the victim's network. This vulnerability arises from improper handling of IP packets containing specific substrings, which allows unauthorized access to the internal network without the victim's direct interaction.

References

https://news.ycombinator.com/item?id=24956616
x_refsource_MISC
https://samy.pl/slipstream/
x_refsource_MISC
https://github.com/samyk/slipstream
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.