3 results (0.003 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy. El router inalámbrico N300 de Netgear wnr2000v4 versión V1.0.0.70, es vulnerable al desbordamiento del búfer por medio de uhttpd. Se presenta una vulnerabilidad de desbordamiento de pila causada por strcpy. • https://github.com/Davidteeri/Bug-Report/blob/main/netgear-n300-0x429cbc.md https://www.netgear.com/about/security https://www.netgear.com/support/download/?model=WNR2000v4 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. Se ha detectado que el router inalámbrico Netgear N300 wnr2000v4 versión V1.0.0.70, contiene un desbordamiento de pila por strcpy en uhttpd • https://github.com/Davidteeri/Bug-Report/blob/main/netgear-n300-0x4297B4.md https://www.netgear.com/about/security https://www.netgear.com/support/download/?model=WNR2000v4 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 23%CPEs: 6EXPL: 0

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261. Dispositivos NETGEAR WNR2000v3 anteriores a 1.1.2.14, WNR2000v4 anteriores a 1.0.0.42 permite rodear la autentificación y ejecutar código remoto mediante un buffer overflow que usa un parámetro en la administración de la aplicación. El ID del NETGEAR es PSV-2016-0261. Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution. • http://www.securityfocus.com/bid/98740 https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261 https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •