NETGEAR R6700v3 code execution |

May 14, 2022

NAME

NETGEAR R6700v3 code execution

  • Platforms Affected:
    NETGEAR R6700v3
  • Risk Level:
    8.8
  • Exploitability:
    Unproven
  • Consequences:
    Gain Access

DESCRIPTION

NETGEAR R6700v3 could allow a remote attacker to execute arbitrary code on the system, caused by the use of an outdated version of Netatalk containing known vulnerabilities. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code.

CVSS 3.0 Information

  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Access Vector: Adjacent Network
  • Access Complexity: Low
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
  • Remediation Level: Official Fix

MITIGATION

Refer to NETGEAR Security Advisory: PSV-2021-0321 for patch, upgrade or suggested workaround information. See References.

  • Reference Link:
    https://www.zerodayinitiative.com/advisories/ZDI-22-758/
  • Reference Link:
    https://kb.netgear.com/000064719/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0321

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

CISA Logo

CISA: CISA Releases Nineteen Industrial Control Systems Advisories

November 14, 2024
image

[HUNTERS] – Ransomware Victim: Kumla Kommun

November 14, 2024
image

[SARCOMA] – Ransomware Victim: ADT Freight Services Australia Pty Lt

November 14, 2024
image

[AKIRA] – Ransomware Victim: Berexco LLC

November 14, 2024
image

[AKIRA] – Ransomware Victim: Dumont Printing

November 14, 2024