cvelistv5 - cve-2021-34991

cve-2021-34991

Vulnerability from cvelistv5

Published

2021-11-15 15:40

Modified

2024-08-04 00:26

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	NETGEAR	R6400v2	Version: 1.0.4.106_10.0.80

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:26:55.733Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "R6400v2",
               vendor: "NETGEAR",
               versions: [
                  {
                     status: "affected",
                     version: "1.0.4.106_10.0.80",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "anonymous",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-121",
                     description: "CWE-121: Stack-based Buffer Overflow",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-01-13T21:44:43",
            orgId: "99f1926a-a320-47d8-bbb5-42feb611262e",
            shortName: "zdi",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "zdi-disclosures@trendmicro.com",
               ID: "CVE-2021-34991",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "R6400v2",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "1.0.4.106_10.0.80",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "NETGEAR",
                     },
                  ],
               },
            },
            credit: "anonymous",
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
                  },
               ],
            },
            impact: {
               cvss: {
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-121: Stack-based Buffer Overflow",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
                     refsource: "MISC",
                     url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
                  },
                  {
                     name: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e",
      assignerShortName: "zdi",
      cveId: "CVE-2021-34991",
      datePublished: "2021-11-15T15:40:16",
      dateReserved: "2021-06-17T00:00:00",
      dateUpdated: "2024-08-04T00:26:55.733Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2021-34991\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2021-11-15T16:15:09.547\",\"lastModified\":\"2024-11-21T06:11:39.183\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.\"},{\"lang\":\"es\",\"value\":\"Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar código arbitrario en las instalaciones afectadas de los routers NETGEAR  versión R6400v2 1.0.4.106_10.0.80. No es requerida una autenticación para explotar esta vulnerabilidad. El fallo específico es presentado en el servicio UPnP, que escucha en el puerto TCP 5000 por defecto. Cuando analiza el encabezado petición uuid, el proceso no comprueba correctamente la longitud de los datos suministrados por el usuario antes de copiarlos en un búfer de longitud fija en la región stack de la memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root. Fue ZDI-CAN-14110\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":8.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.94\",\"matchCriteriaId\":\"A65EE9FC-A015-4D92-8DA3-40C8594D843D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDAA5899-B73C-4690-853E-B5400F034BE1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.94\",\"matchCriteriaId\":\"ED72FFCA-F5A8-480D-8A29-C14FFC490B33\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC5488D9-651C-4BAB-A141-06B816690D42\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.66\",\"matchCriteriaId\":\"8ECBE89E-3C81-470A-80C0-F742D7ABC66D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C6DFDB6-1D7A-459A-8D30-FD4900ED718B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.66\",\"matchCriteriaId\":\"18CD63F9-F5F6-4EE0-89B5-0EBA58E25245\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305E295C-9C73-4798-A0BE-7973E1EE5EAB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.76\",\"matchCriteriaId\":\"7C7F4455-0A09-49B7-A117-1834F20B9FD1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E4CDF6B-3829-44D0-9675-71D7BE83CAA2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.120\",\"matchCriteriaId\":\"58DA0D12-4A91-4063-94C1-5154669BE6D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.120\",\"matchCriteriaId\":\"6EEB4D53-DD21-4145-B802-3ECC00998CC4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C88DA385-5FAE-49EC-80D6-78F81E7EEC16\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.3.142\",\"matchCriteriaId\":\"16A433A7-58F9-43F2-A2B1-A9FBEB518328\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C41908FF-AE64-4949-80E3-BEE061B2DA8A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.11.128\",\"matchCriteriaId\":\"047F5F65-909C-4151-A8DF-B3DD7CDEEDEF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F86FF6-AB32-4E51-856A-DDE790C0A9A6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.3.142\",\"matchCriteriaId\":\"58DD8137-1332-4EAC-BFC2-1C457E92758C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFE55F4D-E98B-46D3-B870-041141934CD1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.72\",\"matchCriteriaId\":\"F445F83B-1CFC-41E9-9446-72E1FCE5A222\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"366FA778-3C2A-42AF-9141-DAD7043B406C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.76\",\"matchCriteriaId\":\"17FF56D6-F2B4-406A-AFFE-B9502E22FFDE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF94D73-B6D0-4334-9A41-83AA92B7C6DF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.2.84\",\"matchCriteriaId\":\"EA344C08-94F1-47F8-9607-3D854B890E19\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D6A70D-66AF-4064-9F1B-4358D4B1F016\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.2.84\",\"matchCriteriaId\":\"33B2293C-09AD-4B5A-B2A0-923E2B9923AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"091CEDB5-0069-4253-86D8-B9FE17CB9F24\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.76\",\"matchCriteriaId\":\"A83ECB19-F32A-4413-8B51-3B871F1C2610\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B39F095-8FE8-43FD-A866-7B613B495984\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.2.84\",\"matchCriteriaId\":\"4905D866-2326-487F-AAA5-96ABA0DBD56E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7EF872D-2537-4FEB-8799-499FC9D44339\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.156\",\"matchCriteriaId\":\"CB34F838-B338-41CC-9EC8-4712C4CF84AE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A9B77E7-7439-48C6-989F-5E22CB4D3044\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.156\",\"matchCriteriaId\":\"FA5D6D75-ADD4-4D61-A54A-4DA0FE9722B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63500DE4-BDBD-4F86-AB99-7DB084D0B912\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"F8D5268F-C2DA-4323-A71A-784DAB080D64\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B624B4D3-BCF4-4F95-B401-A88BEC3145A5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"4936DA57-0FEF-4BD1-8075-7DBB144D6C51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7038703C-C79D-4DD4-8B16-E1A5FC6694C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.132\",\"matchCriteriaId\":\"1071E817-2865-4D9A-BAD6-36CDCC86A2D3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"6C8EBFE8-A19D-4095-902D-E3DE5FE9B152\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9358B2F2-D24E-434D-AEE5-6CE093598793\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax38v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"622B679D-8F20-40A2-B8CB-054FCB13DC8E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax38v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE59D8F1-1883-4C96-8099-AA6B362A8D2B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"6E7252E5-A12A-49E7-BFF5-2974FBC876F0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CEAD12D-6D90-4CFB-9E59-2CEBD400C567\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"6786B925-498E-458D-94F4-83F337DE469C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D83182AB-E726-4371-B092-FA1920408FED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"3128D842-33C1-453A-B4BF-F383F7C7A924\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"178BB386-F66C-4CE8-9283-37D22B304691\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"7EDFCA49-7EF9-413B-A7CA-7D51CA7D12CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B08BD69-CDCC-4CEB-B887-4E47D2B45D26\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"78BF9561-75D1-4B7A-ABE3-871D6C647978\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09E50F2A-C46C-4875-84AB-04AA00BFA53F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"D36A7666-610A-4C67-AD7D-C4473CC35994\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C430976E-24C0-4EA7-BF54-F9C188AB9C01\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.4.100\",\"matchCriteriaId\":\"3F6B59EE-5B90-4139-8306-B50846BB1EC6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBB69710-DA7E-4011-A61A-BA40462A041F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.132\",\"matchCriteriaId\":\"6065375D-CB51-403B-B6CD-BBBA53685E08\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.132\",\"matchCriteriaId\":\"324447B4-A3B2-41C7-A003-F7A09C66ACD2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06B5A85C-3588-4263-B9AD-4E56D3F6CB16\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.8.70\",\"matchCriteriaId\":\"24003AB5-CFB9-4A28-BDBE-2800B5222865\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67D7EC2C-E443-4749-854E-5BC057CA6B06\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.8.70\",\"matchCriteriaId\":\"018EFBF6-9AE3-4361-B8E2-A0A4B668295F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D23ADF0-05B4-4163-9666-3F470FB19E01\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.5.1.80\",\"matchCriteriaId\":\"95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2700644E-0940-4D05-B3CA-904D91739E58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.42\",\"matchCriteriaId\":\"836591C8-6B93-4C41-808D-9FF4080A5F51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37F227D8-332F-4D24-BAEA-AA5DB3E3EC95\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.0.70\",\"matchCriteriaId\":\"E3EC77D7-D5B5-48A4-ACF9-7919A7254A31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC3F6D58-D900-41B4-8626-58928866208A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.3.68\",\"matchCriteriaId\":\"3AE70236-D1C6-4B58-8385-1FA5F71916AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5590CF28-B88A-4755-904B-1BC1778FBEDD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.76\",\"matchCriteriaId\":\"FD93F750-1D77-4E8F-86EB-581C0102474B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EEA190-2E9C-4586-BF81-B115532FBA23\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.108\",\"matchCriteriaId\":\"204E3FEE-153C-46A8-8651-8CF90A37F04D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D30939B-86E3-4C78-9B05-686B4994C8B9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.76\",\"matchCriteriaId\":\"9F21298B-8FEA-4E17-BF38-65F247D6271C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.126\",\"matchCriteriaId\":\"9EDEBC41-D9AA-4822-AC01-CFA4B24A08A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BE59214-C8A1-4337-A54C-E4E8C149B241\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.62\",\"matchCriteriaId\":\"3B4ECB05-E606-439C-9B67-DB5042FCD50E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F87FFC46-137D-45B8-B437-F15565FB33D0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:cax80_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.1.3.5\",\"matchCriteriaId\":\"EE9AC94C-3222-4673-8147-7BD5CBB6FFA9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"673A83EA-E359-4629-8B20-5382C15260B2\"}]}]}],\"references\":[{\"url\":\"https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-1303/\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-1303/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
   },
}

gsd-2021-34991

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-34991

Aliases

CVE-2021-34991

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2021-34991",
      description: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
      id: "GSD-2021-34991",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2021-34991",
         ],
         details: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
         id: "GSD-2021-34991",
         modified: "2023-12-13T01:23:14.305109Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "zdi-disclosures@trendmicro.com",
            ID: "CVE-2021-34991",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "R6400v2",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "1.0.4.106_10.0.80",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "NETGEAR",
                  },
               ],
            },
         },
         credit: "anonymous",
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
               },
            ],
         },
         impact: {
            cvss: {
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "CWE-121: Stack-based Buffer Overflow",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
                  refsource: "MISC",
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
               },
               {
                  name: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
                  refsource: "MISC",
                  url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.94",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.94",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.66",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.66",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.76",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.120",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.120",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.3.3.142",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.11.128",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.3.3.142",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.72",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.5.76",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.4.2.84",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.4.2.84",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.76",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.4.2.84",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.2.156",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.2.156",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.5.132",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax38v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax38v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.4.100",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.5.132",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.5.132",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.8.70",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.8.70",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.5.1.80",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.42",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.2.0.70",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.3.68",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.76",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.108",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.76",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.126",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.62",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:cax80_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.1.3.5",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "zdi-disclosures@trendmicro.com",
               ID: "CVE-2021-34991",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-787",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
                     refsource: "MISC",
                     tags: [
                        "Third Party Advisory",
                        "VDB Entry",
                     ],
                     url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
                  },
                  {
                     name: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
                     refsource: "MISC",
                     tags: [
                        "Vendor Advisory",
                     ],
                     url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               acInsufInfo: false,
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "ADJACENT_NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.3,
                  confidentialityImpact: "COMPLETE",
                  integrityImpact: "COMPLETE",
                  vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
               exploitabilityScore: 6.5,
               impactScore: 10,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "HIGH",
               userInteractionRequired: false,
            },
            baseMetricV3: {
               cvssV3: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               exploitabilityScore: 2.8,
               impactScore: 5.9,
            },
         },
         lastModifiedDate: "2021-11-17T16:33Z",
         publishedDate: "2021-11-15T16:15Z",
      },
   },
}

fkie_cve-2021-34991

Vulnerability from fkie_nvd

Published

2021-11-15 16:15

Modified

2024-11-21 06:11

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
netgear	ex3700_firmware	*
netgear	ex3700	-
netgear	ex3800_firmware	*
netgear	ex3800	-
netgear	ex6120_firmware	*
netgear	ex6120	-
netgear	ex6130_firmware	*
netgear	ex6130	-
netgear	r6400_firmware	*
netgear	r6400	-
netgear	r6400v2_firmware	*
netgear	r6400v2	-
netgear	r6700v3_firmware	*
netgear	r6700v3	-
netgear	r6900p_firmware	*
netgear	r6900p	-
netgear	r7000_firmware	*
netgear	r7000	-
netgear	r7000p_firmware	*
netgear	r7000p	-
netgear	r7100lg_firmware	*
netgear	r7100lg	-
netgear	r7850_firmware	*
netgear	r7850	-
netgear	r7900p_firmware	*
netgear	r7900p	-
netgear	r7960p_firmware	*
netgear	r7960p	-
netgear	r8000_firmware	*
netgear	r8000	-
netgear	r8000p_firmware	*
netgear	r8000p	-
netgear	r8300_firmware	*
netgear	r8300	-
netgear	r8500_firmware	*
netgear	r8500	-
netgear	rax15_firmware	*
netgear	rax15	-
netgear	rax20_firmware	*
netgear	rax20	-
netgear	rax200_firmware	*
netgear	rax200	-
netgear	rax35v2_firmware	*
netgear	rax35v2	-
netgear	rax38v2_firmware	*
netgear	rax38v2	-
netgear	rax40v2_firmware	*
netgear	rax40v2	-
netgear	rax42_firmware	*
netgear	rax42	-
netgear	rax43_firmware	*
netgear	rax43	-
netgear	rax45_firmware	*
netgear	rax45	-
netgear	rax48_firmware	*
netgear	rax48	-
netgear	rax50_firmware	*
netgear	rax50	-
netgear	rax50s_firmware	*
netgear	rax50s	-
netgear	rax75_firmware	*
netgear	rax75	-
netgear	rax80_firmware	*
netgear	rax80	-
netgear	raxe450_firmware	*
netgear	raxe450	-
netgear	raxe500_firmware	*
netgear	raxe500	-
netgear	rs400_firmware	*
netgear	rs400	-
netgear	wndr3400v3_firmware	*
netgear	wndr3400v3	-
netgear	wnr3500lv2_firmware	*
netgear	wnr3500lv2	-
netgear	xr300_firmware	*
netgear	xr300	-
netgear	d6220_firmware	*
netgear	d6220	-
netgear	d6400_firmware	*
netgear	d6400	-
netgear	d7000v2_firmware	*
netgear	d7000v2	-
netgear	dgn2200v4_firmware	*
netgear	dgn2200v4	-
netgear	dc112a_firmware	*
netgear	dc112a	-
netgear	cax80_firmware	*
netgear	cax80	-

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A65EE9FC-A015-4D92-8DA3-40C8594D843D",
                     versionEndExcluding: "1.0.0.94",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED72FFCA-F5A8-480D-8A29-C14FFC490B33",
                     versionEndExcluding: "1.0.0.94",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8ECBE89E-3C81-470A-80C0-F742D7ABC66D",
                     versionEndExcluding: "1.0.0.66",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "18CD63F9-F5F6-4EE0-89B5-0EBA58E25245",
                     versionEndExcluding: "1.0.0.66",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C7F4455-0A09-49B7-A117-1834F20B9FD1",
                     versionEndExcluding: "1.0.1.76",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "58DA0D12-4A91-4063-94C1-5154669BE6D5",
                     versionEndExcluding: "1.0.4.120",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6EEB4D53-DD21-4145-B802-3ECC00998CC4",
                     versionEndExcluding: "1.0.4.120",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "16A433A7-58F9-43F2-A2B1-A9FBEB518328",
                     versionEndExcluding: "1.3.3.142",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "047F5F65-909C-4151-A8DF-B3DD7CDEEDEF",
                     versionEndExcluding: "1.0.11.128",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "58DD8137-1332-4EAC-BFC2-1C457E92758C",
                     versionEndExcluding: "1.3.3.142",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F445F83B-1CFC-41E9-9446-72E1FCE5A222",
                     versionEndExcluding: "1.0.0.72",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "17FF56D6-F2B4-406A-AFFE-B9502E22FFDE",
                     versionEndExcluding: "1.0.5.76",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19",
                     versionEndExcluding: "1.4.2.84",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA",
                     versionEndExcluding: "1.4.2.84",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A83ECB19-F32A-4413-8B51-3B871F1C2610",
                     versionEndExcluding: "1.0.4.76",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E",
                     versionEndExcluding: "1.4.2.84",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB34F838-B338-41CC-9EC8-4712C4CF84AE",
                     versionEndExcluding: "1.0.2.156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA5D6D75-ADD4-4D61-A54A-4DA0FE9722B9",
                     versionEndExcluding: "1.0.2.156",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8D5268F-C2DA-4323-A71A-784DAB080D64",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4936DA57-0FEF-4BD1-8075-7DBB144D6C51",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1071E817-2865-4D9A-BAD6-36CDCC86A2D3",
                     versionEndExcluding: "1.0.5.132",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8EBFE8-A19D-4095-902D-E3DE5FE9B152",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax38v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "622B679D-8F20-40A2-B8CB-054FCB13DC8E",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax38v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE59D8F1-1883-4C96-8099-AA6B362A8D2B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E7252E5-A12A-49E7-BFF5-2974FBC876F0",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6786B925-498E-458D-94F4-83F337DE469C",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D83182AB-E726-4371-B092-FA1920408FED",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3128D842-33C1-453A-B4BF-F383F7C7A924",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EDFCA49-7EF9-413B-A7CA-7D51CA7D12CB",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "78BF9561-75D1-4B7A-ABE3-871D6C647978",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09E50F2A-C46C-4875-84AB-04AA00BFA53F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D36A7666-610A-4C67-AD7D-C4473CC35994",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F6B59EE-5B90-4139-8306-B50846BB1EC6",
                     versionEndExcluding: "1.0.4.100",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBB69710-DA7E-4011-A61A-BA40462A041F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6065375D-CB51-403B-B6CD-BBBA53685E08",
                     versionEndExcluding: "1.0.5.132",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "324447B4-A3B2-41C7-A003-F7A09C66ACD2",
                     versionEndExcluding: "1.0.5.132",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "24003AB5-CFB9-4A28-BDBE-2800B5222865",
                     versionEndExcluding: "1.0.8.70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D7EC2C-E443-4749-854E-5BC057CA6B06",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "018EFBF6-9AE3-4361-B8E2-A0A4B668295F",
                     versionEndExcluding: "1.0.8.70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D23ADF0-05B4-4163-9666-3F470FB19E01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A",
                     versionEndExcluding: "1.5.1.80",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "836591C8-6B93-4C41-808D-9FF4080A5F51",
                     versionEndExcluding: "1.0.1.42",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3EC77D7-D5B5-48A4-ACF9-7919A7254A31",
                     versionEndExcluding: "1.2.0.70",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC3F6D58-D900-41B4-8626-58928866208A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AE70236-D1C6-4B58-8385-1FA5F71916AF",
                     versionEndExcluding: "1.0.3.68",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD93F750-1D77-4E8F-86EB-581C0102474B",
                     versionEndExcluding: "1.0.0.76",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "204E3FEE-153C-46A8-8651-8CF90A37F04D",
                     versionEndExcluding: "1.0.0.108",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F21298B-8FEA-4E17-BF38-65F247D6271C",
                     versionEndExcluding: "1.0.0.76",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EDEBC41-D9AA-4822-AC01-CFA4B24A08A6",
                     versionEndExcluding: "1.0.0.126",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BE59214-C8A1-4337-A54C-E4E8C149B241",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B4ECB05-E606-439C-9B67-DB5042FCD50E",
                     versionEndExcluding: "1.0.0.62",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:cax80_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9AC94C-3222-4673-8147-7BD5CBB6FFA9",
                     versionEndExcluding: "2.1.3.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "673A83EA-E359-4629-8B20-5382C15260B2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
      },
      {
         lang: "es",
         value: "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar código arbitrario en las instalaciones afectadas de los routers NETGEAR  versión R6400v2 1.0.4.106_10.0.80. No es requerida una autenticación para explotar esta vulnerabilidad. El fallo específico es presentado en el servicio UPnP, que escucha en el puerto TCP 5000 por defecto. Cuando analiza el encabezado petición uuid, el proceso no comprueba correctamente la longitud de los datos suministrados por el usuario antes de copiarlos en un búfer de longitud fija en la región stack de la memoria. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root. Fue ZDI-CAN-14110",
      },
   ],
   id: "CVE-2021-34991",
   lastModified: "2024-11-21T06:11:39.183",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 8.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "zdi-disclosures@trendmicro.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-11-15T16:15:09.547",
   references: [
      {
         source: "zdi-disclosures@trendmicro.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
      },
      {
         source: "zdi-disclosures@trendmicro.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303/",
      },
   ],
   sourceIdentifier: "zdi-disclosures@trendmicro.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-121",
            },
         ],
         source: "zdi-disclosures@trendmicro.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

ghsa-4fwh-3qpr-42ff

Vulnerability from github

Published

2022-05-24 19:20

Modified

2022-05-24 19:20

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2021-34991",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-787",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2021-11-15T16:15:00Z",
      severity: "HIGH",
   },
   details: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110.",
   id: "GHSA-4fwh-3qpr-42ff",
   modified: "2022-05-24T19:20:54Z",
   published: "2022-05-24T19:20:54Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2021-34991",
      },
      {
         type: "WEB",
         url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
      },
      {
         type: "WEB",
         url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1303",
      },
   ],
   schema_version: "1.4.0",
   severity: [],
}

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110. Zero Day Initiative To this vulnerability ZDI-CAN-14110 Was numbering.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR R6400v2 is a router from Netgear. A hardware device that connects two or more networks and acts as a gateway between the networks

Show details on source website

JSON

To clipboard

{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202111-0632",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "r6400v2",
            scope: "lt",
            trust: 1.6,
            vendor: "netgear",
            version: "1.0.4.120",
         },
         {
            model: "rs400",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.5.1.80",
         },
         {
            model: "rax20",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "r6400",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.76",
         },
         {
            model: "r8000",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.76",
         },
         {
            model: "rax43",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "wndr3400v3",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.42",
         },
         {
            model: "cax80",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.1.3.5",
         },
         {
            model: "rax35v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "r7000",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.11.128",
         },
         {
            model: "rax50",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "ex3700",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.94",
         },
         {
            model: "rax45",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "r7960p",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.4.2.84",
         },
         {
            model: "r8000p",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.4.2.84",
         },
         {
            model: "rax42",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "r7100lg",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.72",
         },
         {
            model: "r7850",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.5.76",
         },
         {
            model: "d7000v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.76",
         },
         {
            model: "r6900p",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.3.3.142",
         },
         {
            model: "d6220",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.76",
         },
         {
            model: "r7900p",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.4.2.84",
         },
         {
            model: "dc112a",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.62",
         },
         {
            model: "rax40v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "ex6130",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.66",
         },
         {
            model: "rax75",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.5.132",
         },
         {
            model: "dgn2200v4",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.126",
         },
         {
            model: "xr300",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.3.68",
         },
         {
            model: "r8300",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.2.156",
         },
         {
            model: "ex6120",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.66",
         },
         {
            model: "d6400",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.108",
         },
         {
            model: "rax15",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "r8500",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.2.156",
         },
         {
            model: "r6700v3",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.120",
         },
         {
            model: "rax38v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "rax48",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "ex3800",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.94",
         },
         {
            model: "rax80",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.5.132",
         },
         {
            model: "rax50s",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.4.100",
         },
         {
            model: "r7000p",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.3.3.142",
         },
         {
            model: "rax200",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.5.132",
         },
         {
            model: "raxe450",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.8.70",
         },
         {
            model: "raxe500",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.8.70",
         },
         {
            model: "wnr3500lv2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.2.0.70",
         },
         {
            model: "r6900p",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "r6400v2",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "r6400",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "ex3700",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "r7000",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "r6700v3",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "ex6120",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "ex3800",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "ex6130",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "r7000p",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            model: "r6400v2",
            scope: null,
            trust: 0.7,
            vendor: "netgear",
            version: null,
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "anonymous",
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
      ],
      trust: 0.7,
   },
   cve: "CVE-2021-34991",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "LOW",
                  accessVector: "ADJACENT_NETWORK",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.3,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 6.5,
                  id: "CVE-2021-34991",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 1.8,
                  vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "ADJACENT_NETWORK",
                  authentication: "NONE",
                  author: "CNVD",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.3,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 6.5,
                  id: "CNVD-2022-06693",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 0.6,
                  vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  author: "zdi-disclosures@trendmicro.com",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2021-34991",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1.8,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2021-34991",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  author: "ZDI",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2021-34991",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 0.7,
                  userInteraction: "NONE",
                  vectorString: "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2021-34991",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "zdi-disclosures@trendmicro.com",
                  id: "CVE-2021-34991",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "NVD",
                  id: "CVE-2021-34991",
                  trust: 0.8,
                  value: "High",
               },
               {
                  author: "ZDI",
                  id: "CVE-2021-34991",
                  trust: 0.7,
                  value: "HIGH",
               },
               {
                  author: "CNVD",
                  id: "CNVD-2022-06693",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202111-1078",
                  trust: 0.6,
                  value: "HIGH",
               },
            ],
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. When parsing the uuid request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14110. Zero Day Initiative To this vulnerability ZDI-CAN-14110 Was numbering.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR R6400v2 is a router from Netgear. A hardware device that connects two or more networks and acts as a gateway between the networks",
      sources: [
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
      ],
      trust: 2.79,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2021-34991",
            trust: 4.5,
         },
         {
            db: "ZDI",
            id: "ZDI-21-1303",
            trust: 3.7,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
            trust: 0.8,
         },
         {
            db: "ZDI_CAN",
            id: "ZDI-CAN-14110",
            trust: 0.7,
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
            trust: 0.6,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
            trust: 0.6,
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   id: "VAR-202111-0632",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
      ],
      trust: 1.0428317353846153,
   },
   iot_taxonomy: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            category: [
               "Network device",
            ],
            sub_category: null,
            trust: 0.6,
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
      ],
   },
   last_update_date: "2024-08-14T14:25:08.117000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "Security Advisory for Pre-Authentication Buffer Overflow on Multiple Products, PSV-2021-0168",
            trust: 1.5,
            url: "https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168",
         },
         {
            title: "Patch for NETGEAR R6400v2 Buffer Overflow Vulnerability",
            trust: 0.6,
            url: "https://www.cnvd.org.cn/patchInfo/show/315991",
         },
         {
            title: "NETGEAR R6400v2 Buffer error vulnerability fix",
            trust: 0.6,
            url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=170297",
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-121",
            trust: 1,
         },
         {
            problemtype: "CWE-787",
            trust: 1,
         },
         {
            problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 3.6,
            url: "https://www.zerodayinitiative.com/advisories/zdi-21-1303/",
         },
         {
            trust: 2.3,
            url: "https://kb.netgear.com/000064361/security-advisory-for-pre-authentication-buffer-overflow-on-multiple-products-psv-2021-0168",
         },
         {
            trust: 1.4,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-34991",
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
         {
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2021-11-11T00:00:00",
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            date: "2022-01-25T00:00:00",
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            date: "2022-11-09T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            date: "2021-11-11T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
         {
            date: "2021-11-15T16:15:09.547000",
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2021-12-23T00:00:00",
            db: "ZDI",
            id: "ZDI-21-1303",
         },
         {
            date: "2022-01-25T00:00:00",
            db: "CNVD",
            id: "CNVD-2022-06693",
         },
         {
            date: "2022-11-09T07:46:00",
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
         {
            date: "2021-11-24T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
         {
            date: "2021-11-17T16:33:07.393000",
            db: "NVD",
            id: "CVE-2021-34991",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "remote or local",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
      ],
      trust: 0.6,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "NETGEAR R6400v2  Out-of-Bounds Write Vulnerability in Router",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-015106",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "buffer error",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202111-1078",
         },
      ],
      trust: 0.6,
   },
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-34991

Vulnerability from cvelistv5

gsd-2021-34991

Vulnerability from gsd

fkie_cve-2021-34991

Vulnerability from fkie_nvd

ghsa-4fwh-3qpr-42ff

Vulnerability from github

var-202111-0632

Vulnerability from variot

Tags

Sightings

Nomenclature