Stack Overflow Vulnerability in Netgear Routers
CVE-2024-50996

Currently unrated

Key Information:

Vendor: Netgear
Status: R8500, XR300, R7000P, R6400
Vendor: CVE Published:; 5 November 2024

Summary

A stack overflow vulnerability exists in specific Netgear router models that can be exploited through the 'bpa_server' parameter in the 'genie_bpa.cgi' script. Attackers can leverage this vulnerability to send crafted POST requests, resulting in a Denial of Service (DoS) condition. Affected models include R8500, XR300, R7000P, and R6400, making it critical for users to apply necessary patches to protect their devices.

References

https://www.netgear.com/about/security/

https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vul...

Timeline

Vulnerability published
Nov 5, 2024
Vulnerability Reserved
Oct 28, 2024