Buffer Overflow Vulnerability in Netgear Routers
CVE-2023-30280

9.8CRITICAL

Key Information:

Vendor: Netgear
Status: R6900 Firmware
Vendor: CVE Published:; 26 April 2023

Summary

A buffer overflow vulnerability exists in certain Netgear routers, specifically in the management interface. Through the 'getInputData' parameter on the 'fwSchedule.cgi' page, an attacker can exploit this flaw to execute arbitrary code remotely, potentially leading to a denial of service. This issue affects models such as the Netgear R6900 and various versions of the R6700, rendering these devices vulnerable to unauthorized access and control.

References

https://www.netgear.com/about/security/

https://github.com/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 26, 2023
Vulnerability Reserved
Apr 7, 2023