Stack Overflow Vulnerabilities in Netgear R8500 Products
CVE-2024-50994

Currently unrated

Key Information:

Vendor
Netgear
Status
R8500
Vendor
CVE Published:
5 November 2024

Summary

The Netgear R8500 v1.0.2.160 is affected by multiple stack overflow vulnerabilities found in the ipv6_fix.cgi component. Attackers can exploit this issue by crafting specific POST requests that manipulate the parameters ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, and ipv6_lan_length. This exploitation can lead to service disruptions, resulting in a Denial of Service (DoS). It is advised for users to review their firmware and apply any necessary updates to mitigate these security risks.

References

https://www.netgear.com/about/security/
https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vul...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.