Stack-Based Buffer Overflow Vulnerability in NETGEAR WiFi Systems
CVE-2021-38524

4.5MEDIUM

Key Information:

Vendor: Netgear
Status: Mk62 Firmware
Vendor: CVE Published:; 11 August 2021

What is CVE-2021-38524?

Certain NETGEAR devices are susceptible to a stack-based buffer overflow when accessed by an authenticated user. This vulnerability allows attackers to execute arbitrary code or disrupt the integrity of the affected system. The risk is particularly acute for users with outdated firmware versions on specified devices, including various models of routers and WiFi systems. Immediate updates and mitigations are advised to ensure network security.

References

https://kb.netgear.com/000063779/Security-Advisory-for-Po...

x_refsource_MISC

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2021
Vulnerability Reserved
Aug 10, 2021

Netgear

What is CVE-2021-38524?

References

CVSS V3.1

Timeline