NETGEAR RAX30 rex_cgi JSON Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2023-27361

8HIGH

Key Information:

Vendor

Netgear
Status
Rax30
Vendor
CVE Published:
3 May 2024

What is CVE-2023-27361?

A specific vulnerability exists in the NETGEAR RAX30 routers that stems from improper handling of JSON data. This flaw allows network-adjacent attackers to execute arbitrary code on affected systems due to inadequate validation of user-supplied data length. The vulnerability particularly targets the stack-based buffer, where an attacker can exploit this issue to execute code with root privileges on the device. Authentication is a prerequisite for the compromise, making it essential for users to ensure that their devices are shielded against unauthorized access.

Affected Version(s)

RAX30 1.0.6.74_1

References

https://www.zerodayinitiative.com/advisories/ZDI-23-495/
x_research-advisory
https://kb.netgear.com/000065625/Security-Advisory-for-Po...
vendor-advisory

CVSS V3.1

Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.