Details of VAR-202004-1672

ID

VAR-202004-1672

CVE

CVE-2018-21170

TITLE

plural NETGEAR Out-of-bounds write vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-016379

DESCRIPTION

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects EX2700 before 1.0.1.28, R7800 before 1.0.2.40, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR EX2700 is a wireless network signal extender. NETGEAR WN3000RP is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. This affects EX2700 prior to 1.0.1.28, R7800 prior to 1.0.2.40, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, and WN3100RPv2 prior to 1.0.0.56

Trust: 2.25

sources: NVD: CVE-2018-21170 // JVNDB: JVNDB-2018-016379 // CNVD: CNVD-2020-28109 // VULMON: CVE-2018-21170

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-28109

AFFECTED PRODUCTS

vendor:	netgear	model:	r7800	scope:	lt	version:	1.0.2.40	Trust: 1.6
vendor:	netgear	model:	ex2700	scope:	lt	version:	1.0.1.28	Trust: 1.6
vendor:	netgear	model:	wn3100rp	scope:	lt	version:	1.0.0.56	Trust: 1.0
vendor:	netgear	model:	wn3000rp	scope:	lt	version:	1.0.2.50	Trust: 1.0
vendor:	netgear	model:	wn2000rpt	scope:	lt	version:	1.0.1.20	Trust: 1.0
vendor:	netgear	model:	ex2700	scope:	eq	version:	1.0.1.28	Trust: 0.8
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.40	Trust: 0.8
vendor:	netgear	model:	wn2000rpt	scope:	eq	version:	1.0.1.20	Trust: 0.8
vendor:	netgear	model:	wn3000rp	scope:	eq	version:	1.0.2.50	Trust: 0.8
vendor:	netgear	model:	wn3100rp	scope:	eq	version:	1.0.0.56	Trust: 0.8
vendor:	netgear	model:	wn3000rpv3	scope:	lt	version:	1.0.2.50	Trust: 0.6
vendor:	netgear	model:	wn2000rptv3	scope:	lt	version:	1.0.1.20	Trust: 0.6
vendor:	netgear	model:	wn3100rpv2	scope:	lt	version:	1.0.0.56	Trust: 0.6
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.16	Trust: 0.1
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.28	Trust: 0.1
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.30	Trust: 0.1
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.32	Trust: 0.1
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.36	Trust: 0.1
vendor:	netgear	model:	r7800	scope:	eq	version:	1.0.2.38	Trust: 0.1
vendor:	netgear	model:	wn2000rpt	scope:	eq	version:	1.0.1.8	Trust: 0.1
vendor:	netgear	model:	wn2000rpt	scope:	eq	version:	1.0.1.14	Trust: 0.1
vendor:	netgear	model:	wn3000rp	scope:	eq	version:	1.0.0.52	Trust: 0.1
vendor:	netgear	model:	wn3000rp	scope:	eq	version:	1.0.0.56	Trust: 0.1
vendor:	netgear	model:	wn3000rp	scope:	eq	version:	1.0.0.68	Trust: 0.1
vendor:	netgear	model:	wn3000rp	scope:	eq	version:	1.0.2.44	Trust: 0.1
vendor:	netgear	model:	wn3100rp	scope:	eq	version:	1.0.0.20	Trust: 0.1
vendor:	netgear	model:	wn3100rp	scope:	eq	version:	1.0.0.40	Trust: 0.1
vendor:	netgear	model:	wn3100rp	scope:	eq	version:	1.0.0.42	Trust: 0.1

sources: CNVD: CNVD-2020-28109 // VULMON: CVE-2018-21170 // JVNDB: JVNDB-2018-016379 // NVD: CVE-2018-21170

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-21170
value:	HIGH
Trust: 1.0
cve@mitre.org:	CVE-2018-21170
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2018-016379
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-28109
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202004-2212
value:	HIGH
Trust: 0.6
VULMON:	CVE-2018-21170
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-21170
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2018-016379
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-28109
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-21170
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2018-21170
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	JVNDB-2018-016379
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-28109 // VULMON: CVE-2018-21170 // JVNDB: JVNDB-2018-016379 // CNNVD: CNNVD-202004-2212 // NVD: CVE-2018-21170 // NVD: CVE-2018-21170

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.8

sources: JVNDB: JVNDB-2018-016379 // NVD: CVE-2018-21170

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202004-2212

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202004-2212

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-016379

PATCH

title:	Security Advisory for Pre-Authentication Stack Overflow on Some Routers and Extenders, PSV-2017-2638	url:	https://kb.netgear.com/000055188/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Extenders-PSV-2017-2638	Trust: 0.8
title:	Patch for Multiple NETGEAR product buffer overflow vulnerabilities (CNVD-2020-28109)	url:	https://www.cnvd.org.cn/patchInfo/show/217423	Trust: 0.6
title:	Multiple NETGEAR Product Buffer Error Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117305	Trust: 0.6

sources: CNVD: CNVD-2020-28109 // JVNDB: JVNDB-2018-016379 // CNNVD: CNNVD-202004-2212

EXTERNAL IDS

db:	NVD	id:	CVE-2018-21170	Trust: 3.1
db:	JVNDB	id:	JVNDB-2018-016379	Trust: 0.8
db:	CNVD	id:	CNVD-2020-28109	Trust: 0.6
db:	CNNVD	id:	CNNVD-202004-2212	Trust: 0.6
db:	VULMON	id:	CVE-2018-21170	Trust: 0.1

sources: CNVD: CNVD-2020-28109 // VULMON: CVE-2018-21170 // JVNDB: JVNDB-2018-016379 // CNNVD: CNNVD-202004-2212 // NVD: CVE-2018-21170

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2018-21170	Trust: 2.0
url:	https://kb.netgear.com/000055188/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-and-extenders-psv-2017-2638	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21170	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2020-28109 // VULMON: CVE-2018-21170 // JVNDB: JVNDB-2018-016379 // CNNVD: CNNVD-202004-2212 // NVD: CVE-2018-21170

SOURCES

db:	CNVD	id:	CNVD-2020-28109
db:	VULMON	id:	CVE-2018-21170
db:	JVNDB	id:	JVNDB-2018-016379
db:	CNNVD	id:	CNNVD-202004-2212
db:	NVD	id:	CVE-2018-21170

LAST UPDATE DATE

2024-11-23T22:55:10.149000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-28109	date:	2020-05-14T00:00:00
db:	VULMON	id:	CVE-2018-21170	date:	2020-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-016379	date:	2020-06-01T00:00:00
db:	CNNVD	id:	CNNVD-202004-2212	date:	2020-05-06T00:00:00
db:	NVD	id:	CVE-2018-21170	date:	2024-11-21T04:03:04.600

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-28109	date:	2020-05-14T00:00:00
db:	VULMON	id:	CVE-2018-21170	date:	2020-04-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-016379	date:	2020-06-01T00:00:00
db:	CNNVD	id:	CNNVD-202004-2212	date:	2020-04-27T00:00:00
db:	NVD	id:	CVE-2018-21170	date:	2020-04-27T18:15:12.857