ID
VAR-202211-1483
CVE
CVE-2022-44199
TITLE
NETGEAR R7000P openvpn_server_ip buffer overflow vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2022-85557
DESCRIPTION
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip. NETGEAR R7000P is a wireless router made by NETGEAR. The vulnerability stems from the lack of length verification of the data entered in the openvpn_server_ip parameter. Attackers can use this vulnerability to cause denial of service or remote code execution
Trust: 1.44
sources:
NVD: CVE-2022-44199 //
CNVD: CNVD-2022-85557
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2022-85557
AFFECTED PRODUCTS
| vendor: | netgear | model: | r7000p | scope: | eq | version: | 1.3.1.64 | Trust: 1.0 |
| vendor: | netgear | model: | r7000p | scope: | eq | version: | v1.3.0.8 | Trust: 0.6 |
| vendor: | netgear | model: | r7000p | scope: | eq | version: | v1.3.1.64 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-85557 //
NVD: CVE-2022-44199
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2022-85557 //
CNNVD: CNNVD-202211-3285 //
NVD: CVE-2022-44199
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.0 |
sources:
NVD: CVE-2022-44199
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3285
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3285
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-44199 | Trust: 2.2 |
| db: | CNVD | id: | CNVD-2022-85557 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202211-3285 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-85557 //
CNNVD: CNNVD-202211-3285 //
NVD: CVE-2022-44199
REFERENCES
| url: | https://www.netgear.com/about/security/ | Trust: 2.2 |
| url: | https://github.com/robinwang825/iot_vuln/tree/main/netgear/r7000p/16 | Trust: 1.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-44199/ | Trust: 0.6 |
sources:
CNVD: CNVD-2022-85557 //
CNNVD: CNNVD-202211-3285 //
NVD: CVE-2022-44199
SOURCES
| db: | CNVD | id: | CNVD-2022-85557 |
| db: | CNNVD | id: | CNNVD-202211-3285 |
| db: | NVD | id: | CVE-2022-44199 |
LAST UPDATE DATE
2024-08-14T13:21:30.278000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2022-85557 | date: | 2022-12-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3285 | date: | 2022-11-24T00:00:00 |
| db: | NVD | id: | CVE-2022-44199 | date: | 2022-11-23T18:35:08.423 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2022-85557 | date: | 2022-12-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3285 | date: | 2022-11-22T00:00:00 |
| db: | NVD | id: | CVE-2022-44199 | date: | 2022-11-22T14:15:14.620 |