CVSS: 8.0EPSS: 0%CPEs: 68EXPL: 0CVE-2022-27647 – NETGEAR R6700v3 libreadycloud.so Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27647
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. • https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327 https://www.zerodayinitiative.com/advisories/ZDI-22-524 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 68EXPL: 0CVE-2022-27642 – NETGEAR R6700v3 httpd Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-27642
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327 https://www.zerodayinitiative.com/advisories/ZDI-22-518 • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 56EXPL: 0CVE-2022-27643 – NETGEAR R6700v3 upnpd Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-27643
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. • https://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323 https://www.zerodayinitiative.com/advisories/ZDI-22-519 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 46EXPL: 0CVE-2022-27645 – NETGEAR R6700v3 readycloud_control.cgi Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-27645
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. • https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325 https://www.zerodayinitiative.com/advisories/ZDI-22-522 • CWE-306: Missing Authentication for Critical Function CWE-697: Incorrect Comparison •
CVSS: 9.8EPSS: 0%CPEs: 42EXPL: 0CVE-2021-45512
https://notcve.org/view.php?id=CVE-2021-45512
Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RS400 before 1.5.0.48, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50. Determinados dispositivos NETGEAR están afectados por una criptografía débil. Esto afecta a D7000v2 versiones anteriores a 1.0.0.62, D8500 versiones anteriores a 1.0.3.50, EX3700 versiones anteriores a 1.0.0.84, EX3800 versiones anteriores a 1.0.0.84, EX6120 versiones anteriores a 1.0.0. 54, EX6130 versiones anteriores a 1.0.0.36, EX7000 versiones anteriores a 1.0.1.90, R6250 versiones anteriores a 1.0.4.42, R6400v2 versiones anteriores a 1.0.4.98, R6700v3 versiones anteriores a 1.0.4.98, R6900P versiones anteriores a 1. 3.2.124, R7000 versiones anteriores a 1.0.11.106, R7000P versiones anteriores a 1.3.2.124, R7100LG versiones anteriores a 1.0.0.56, R7900 versiones anteriores a 1.0.4.26, R8000 versiones anteriores a 1.0.4. 58, R8300 versiones anteriores a 1.0.2.134, R8500 versiones anteriores a 1.0.2.134, RS400 versiones anteriores a 1.5.0.48, WNR3500Lv2 versiones anteriores a 1.2.0.62 y XR300 versiones anteriores a 1.0.3.50 • https://kb.netgear.com/000064117/Security-Advisory-for-Broken-Cryptography-on-Some-Routers-and-Extenders-PSV-2020-0134 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •