Details of VAR-202110-1761

ID

VAR-202110-1761

CVE

CVE-2021-34979

TITLE

NETGEAR R6260 Classic Buffer Overflow Vulnerability in Routers

Trust: 0.8

sources: JVNDB: JVNDB-2021-017782

DESCRIPTION

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13512. NETGEAR R6260 Routers contain a classic buffer overflow vulnerability. Zero Day Initiative To this vulnerability ZDI-CAN-13512 Was numbering.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR R6260 is a router device

Trust: 2.79

sources: NVD: CVE-2021-34979 // JVNDB: JVNDB-2021-017782 // ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-06694

AFFECTED PRODUCTS

vendor:	netgear	model:	r6260	scope:	-	version:	-	Trust: 1.3
vendor:	netgear	model:	r6260	scope:	eq	version:	1.1.0.78_1.0.1	Trust: 1.0
vendor:	ネットギア	model:	r6260	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6260	scope:	eq	version:	r6260 firmware 1.1.0.78_1.0.1	Trust: 0.8

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // NVD: CVE-2021-34979

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-34979
value:	HIGH
Trust: 1.0
zdi-disclosures@trendmicro.com:	CVE-2021-34979
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-34979
value:	HIGH
Trust: 0.8
ZDI:	CVE-2021-34979
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2022-06694
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202110-2060
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-34979
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-06694
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2021-34979
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2021-34979
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2021-34979
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060 // NVD: CVE-2021-34979 // NVD: CVE-2021-34979

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-017782 // NVD: CVE-2021-34979

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202110-2060

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-2060

PATCH

title:	Security Advisory for Vertical Privilege Escalation on Some Routers, PSV-2021-0152	url:	https://kb.netgear.com/000064261/Security-Advisory-for-Vertical-Privilege-Escalation-on-Some-Routers-PSV-2021-0152	Trust: 0.8
title:	NETGEAR has issued an update to correct this vulnerability.	url:	https://kb.netgear.com/000064261/Security-Advisory-for-Vertical-Privilege-Escalation-on-Some-Routers-PSV-2021-0152?article=000064261	Trust: 0.7
title:	Patch for NETGEAR R6260 mini_httpd SOAP buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/316156	Trust: 0.6
title:	NETGEAR R6260 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167740	Trust: 0.6

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060

EXTERNAL IDS

db:	NVD	id:	CVE-2021-34979	Trust: 4.5
db:	ZDI	id:	ZDI-21-1241	Trust: 3.1
db:	JVNDB	id:	JVNDB-2021-017782	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-13512	Trust: 0.7
db:	CNVD	id:	CNVD-2022-06694	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-2060	Trust: 0.6

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060 // NVD: CVE-2021-34979

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-21-1241/	Trust: 3.0
url:	https://kb.netgear.com/000064261/security-advisory-for-vertical-privilege-escalation-on-some-routers-psv-2021-0152?article=000064261	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34979	Trust: 2.0

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060 // NVD: CVE-2021-34979

CREDITS

Sherman Chann Zhi Shen & Hoang Thach Nguyen (d4rkn3ss)

Trust: 1.3

sources: ZDI: ZDI-21-1241 // CNNVD: CNNVD-202110-2060

SOURCES

db:	ZDI	id:	ZDI-21-1241
db:	CNVD	id:	CNVD-2022-06694
db:	JVNDB	id:	JVNDB-2021-017782
db:	CNNVD	id:	CNNVD-202110-2060
db:	NVD	id:	CVE-2021-34979

LAST UPDATE DATE

2024-08-14T14:31:32.155000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-1241	date:	2021-10-28T00:00:00
db:	CNVD	id:	CNVD-2022-06694	date:	2022-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2021-017782	date:	2023-02-08T03:27:00
db:	CNNVD	id:	CNNVD-202110-2060	date:	2022-02-14T00:00:00
db:	NVD	id:	CVE-2021-34979	date:	2022-01-19T20:12:40.507

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-1241	date:	2021-10-28T00:00:00
db:	CNVD	id:	CNVD-2022-06694	date:	2022-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2021-017782	date:	2023-02-08T00:00:00
db:	CNNVD	id:	CNNVD-202110-2060	date:	2021-10-28T00:00:00
db:	NVD	id:	CVE-2021-34979	date:	2022-01-13T22:15:12.717