exploitDog

CVE-2021-34236

Опубликовано: 08 сент. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'.

Ссылки

https://github.com/Davidteeri/Bug-Report/blob/main/netgear-8000.md
Broken Link
https://github.com/advisories/GHSA-vfq9-7wg3-4mjx
Third Party Advisory
https://github.com/Davidteeri/Bug-Report/blob/main/netgear-8000.md
Broken Link

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netgear:r8000_firmware:1.0.4.56:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.0196

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-120

Связанные уязвимости

GHSA-vfq9-7wg3-4mjx

CVSS3: 9.8

github

больше 3 лет назад

Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'.

EPSS

Процентиль: 83%

0.0196

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-120