Sign-up

ID

VAR-202007-0054


CVE

CVE-2020-10928


TITLE

NETGEAR R6700 Heap-based buffer overflow vulnerability in router

Trust: 0.8

sources: JVNDB: JVNDB-2020-008854

DESCRIPTION

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the web server. Was ZDI-CAN-9767. NETGEAR R6700 A heap-based buffer overflow vulnerability exists in the router. Zero Day Initiative To this vulnerability ZDI-CAN-9767 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R6700 is a wireless router made by NETGEAR

Trust: 2.79

sources: NVD: CVE-2020-10928 // JVNDB: JVNDB-2020-008854 // ZDI: ZDI-20-708 // CNVD: CNVD-2020-43666

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-43666

AFFECTED PRODUCTS

vendor:netgearmodel:r6700scope:eqversion:1.0.4.84_10.0.58

Trust: 1.8

vendor:netgearmodel:r6700scope: - version: -

Trust: 0.7

vendor:netgearmodel:r6700 v1.0.4.84 10.0.58scope: - version: -

Trust: 0.6

sources: ZDI: ZDI-20-708 // CNVD: CNVD-2020-43666 // JVNDB: JVNDB-2020-008854 // NVD: CVE-2020-10928

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-10928
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-10928
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-008854
value: HIGH

Trust: 0.8

ZDI: ZDI-20-708
value: HIGH

Trust: 0.7

CNVD: CNVD-2020-43666
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202007-1647
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-10928
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-008854
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-43666
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-10928
baseSeverity: HIGH
baseScore: 8.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 5.9
version: 3.1

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-10928
baseSeverity: HIGH
baseScore: 8.4
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-008854
baseSeverity: HIGH
baseScore: 8.4
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: ZDI-20-708
baseSeverity: HIGH
baseScore: 8.4
vectorString: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.5
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-708 // CNVD: CNVD-2020-43666 // JVNDB: JVNDB-2020-008854 // CNNVD: CNNVD-202007-1647 // NVD: CVE-2020-10928 // NVD: CVE-2020-10928

PROBLEMTYPE DATA

problemtype:CWE-122

Trust: 1.8

sources: JVNDB: JVNDB-2020-008854 // NVD: CVE-2020-10928

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202007-1647

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202007-1647

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-008854

PATCH
title:Top Pageurl:https://www.netgear.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-008854

EXTERNAL IDS
db:ZDIid:ZDI-20-708
Trust: 3.1
db:NVDid:CVE-2020-10928
Trust: 3.0
db:JVNDBid:JVNDB-2020-008854
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-9767
Trust: 0.7
db:CNVDid:CNVD-2020-43666
Trust: 0.6
db:CNNVDid:CNNVD-202007-1647
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-708 // 
            
            
            
            CNVD: CNVD-2020-43666 // 
            
            
            
            JVNDB: JVNDB-2020-008854 // 
            
            
            
            CNNVD: CNNVD-202007-1647 // 
            
            
            
            NVD: CVE-2020-10928

REFERENCES
url:https://www.zerodayinitiative.com/advisories/zdi-20-708/
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2020-10928
Trust: 2.0
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10928
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2020-43666 // 
            
            
            
            JVNDB: JVNDB-2020-008854 // 
            
            
            
            CNNVD: CNNVD-202007-1647 // 
            
            
            
            NVD: CVE-2020-10928

CREDITS
d4rkn3ss from VNPT ISC
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-708

SOURCES
db:ZDIid:ZDI-20-708
db:CNVDid:CNVD-2020-43666
db:JVNDBid:JVNDB-2020-008854
db:CNNVDid:CNNVD-202007-1647
db:NVDid:CVE-2020-10928

LAST UPDATE DATE
2024-11-23T21:51:26.630000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-708date:2020-06-15T00:00:00
db:CNVDid:CNVD-2020-43666date:2020-07-31T00:00:00
db:JVNDBid:JVNDB-2020-008854date:2020-09-29T00:00:00
db:CNNVDid:CNNVD-202007-1647date:2020-07-31T00:00:00
db:NVDid:CVE-2020-10928date:2024-11-21T04:56:23.313

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-708date:2020-06-15T00:00:00
db:CNVDid:CNVD-2020-43666date:2020-07-31T00:00:00
db:JVNDBid:JVNDB-2020-008854date:2020-09-29T00:00:00
db:CNNVDid:CNNVD-202007-1647date:2020-07-28T00:00:00
db:NVDid:CVE-2020-10928date:2020-07-28T18:15:14.003