Stack Overflow Vulnerability in Netgear R8500 Router
CVE-2024-50995

Currently unrated

Key Information:

Vendor: Netgear
Status: R8500 Router
Vendor: CVE Published:; 5 November 2024

Summary

A stack overflow vulnerability has been identified in Netgear's R8500 router, specifically in version v1.0.2.160, where manipulation of the 'share_name' parameter through the 'usb_remote_smb_conf.cgi' interface can lead to a Denial of Service (DoS) condition. Attackers can exploit this weakness by sending a specially crafted POST request, which may cause the device to become unresponsive. This vulnerability highlights the importance of updating firmware and implementing robust security practices to protect against potential threats.

References

https://www.netgear.com/about/security/

https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vul...

Timeline

Vulnerability published
Nov 5, 2024
Vulnerability Reserved
Oct 28, 2024