ID

VAR-202110-1761


CVE

CVE-2021-34979


TITLE

NETGEAR R6260  Classic Buffer Overflow Vulnerability in Routers

Trust: 0.8

sources: JVNDB: JVNDB-2021-017782

DESCRIPTION

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13512. NETGEAR R6260 Routers contain a classic buffer overflow vulnerability. Zero Day Initiative To this vulnerability ZDI-CAN-13512 Was numbering.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR R6260 is a router device

Trust: 2.79

sources: NVD: CVE-2021-34979 // JVNDB: JVNDB-2021-017782 // ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-06694

AFFECTED PRODUCTS

vendor:netgearmodel:r6260scope: - version: -

Trust: 1.3

vendor:netgearmodel:r6260scope:eqversion:1.1.0.78_1.0.1

Trust: 1.0

vendor:ネットギアmodel:r6260scope:eqversion: -

Trust: 0.8

vendor:ネットギアmodel:r6260scope:eqversion:r6260 firmware 1.1.0.78_1.0.1

Trust: 0.8

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // NVD: CVE-2021-34979

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34979
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2021-34979
value: HIGH

Trust: 1.0

NVD: CVE-2021-34979
value: HIGH

Trust: 0.8

ZDI: CVE-2021-34979
value: HIGH

Trust: 0.7

CNVD: CNVD-2022-06694
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202110-2060
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-34979
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-06694
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2021-34979
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2021-34979
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2021-34979
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060 // NVD: CVE-2021-34979 // NVD: CVE-2021-34979

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:Classic buffer overflow (CWE-120) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-017782 // NVD: CVE-2021-34979

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202110-2060

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-2060

PATCH

title:Security Advisory for Vertical Privilege Escalation on Some Routers, PSV-2021-0152url:https://kb.netgear.com/000064261/Security-Advisory-for-Vertical-Privilege-Escalation-on-Some-Routers-PSV-2021-0152

Trust: 0.8

title:NETGEAR has issued an update to correct this vulnerability.url:https://kb.netgear.com/000064261/Security-Advisory-for-Vertical-Privilege-Escalation-on-Some-Routers-PSV-2021-0152?article=000064261

Trust: 0.7

title:Patch for NETGEAR R6260 mini_httpd SOAP buffer overflow vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/316156

Trust: 0.6

title:NETGEAR R6260 Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167740

Trust: 0.6

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060

EXTERNAL IDS

db:NVDid:CVE-2021-34979

Trust: 4.5

db:ZDIid:ZDI-21-1241

Trust: 3.1

db:JVNDBid:JVNDB-2021-017782

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-13512

Trust: 0.7

db:CNVDid:CNVD-2022-06694

Trust: 0.6

db:CNNVDid:CNNVD-202110-2060

Trust: 0.6

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060 // NVD: CVE-2021-34979

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-1241/

Trust: 3.0

url:https://kb.netgear.com/000064261/security-advisory-for-vertical-privilege-escalation-on-some-routers-psv-2021-0152?article=000064261

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-34979

Trust: 2.0

sources: ZDI: ZDI-21-1241 // CNVD: CNVD-2022-06694 // JVNDB: JVNDB-2021-017782 // CNNVD: CNNVD-202110-2060 // NVD: CVE-2021-34979

CREDITS

Sherman Chann Zhi Shen & Hoang Thach Nguyen (d4rkn3ss)

Trust: 1.3

sources: ZDI: ZDI-21-1241 // CNNVD: CNNVD-202110-2060

SOURCES

db:ZDIid:ZDI-21-1241
db:CNVDid:CNVD-2022-06694
db:JVNDBid:JVNDB-2021-017782
db:CNNVDid:CNNVD-202110-2060
db:NVDid:CVE-2021-34979

LAST UPDATE DATE

2024-08-14T14:31:32.155000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-1241date:2021-10-28T00:00:00
db:CNVDid:CNVD-2022-06694date:2022-01-25T00:00:00
db:JVNDBid:JVNDB-2021-017782date:2023-02-08T03:27:00
db:CNNVDid:CNNVD-202110-2060date:2022-02-14T00:00:00
db:NVDid:CVE-2021-34979date:2022-01-19T20:12:40.507

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-1241date:2021-10-28T00:00:00
db:CNVDid:CNVD-2022-06694date:2022-01-25T00:00:00
db:JVNDBid:JVNDB-2021-017782date:2023-02-08T00:00:00
db:CNNVDid:CNNVD-202110-2060date:2021-10-28T00:00:00
db:NVDid:CVE-2021-34979date:2022-01-13T22:15:12.717