Stack Overflow Vulnerabilities in Netgear R8500 Router
CVE-2024-50998

Currently unrated

Key Information:

Vendor: Netgear
Status: R8500 Router
Vendor: CVE Published:; 5 November 2024

Summary

The Netgear R8500 Router, specifically version v1.0.2.160, is susceptible to multiple stack overflow vulnerabilities within the openvpn.cgi component. These vulnerabilities are triggered through the openvpn_service_port and openvpn_service_port_tun parameters. An attacker can exploit these weaknesses by sending a specially crafted POST request, potentially leading to Denial of Service (DoS) conditions, disrupting the normal operation of the device and leaving users vulnerable to further attacks.

References

https://www.netgear.com/about/security/

https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vul...

Timeline

Vulnerability published
Nov 5, 2024
Vulnerability Reserved
Oct 28, 2024