CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2022-24655
https://notcve.org/view.php?id=CVE-2022-24655
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication. Se presenta una vulnerabilidad de desbordamiento de pila en el servicio upnpd de Netgear EX6100v1 versión 201.0.2.28, CAX80 versión 2.1.2.6 y DC112A versión 1.0.0.62, que puede conllevar a una ejecución de código arbitrario sin autenticación • https://github.com/doudoudedi/Netgear_product_stack_overflow/blob/main/NETGEAR%20EX%20series%20upnpd%20stack_overflow.md https://kb.netgear.com/000064615/Security-Advisory-for-Pre-Authentication-Command-Injection-on-EX6100v1-and-Pre-Authentication-Stack-Overflow-on-Multiple-Products-PSV-2021-0282-PSV-2021-0288 https://www.netgear.com/about/security • CWE-787: Out-of-bounds Write •