ID
VAR-202211-1590
CVE
CVE-2022-44186
TITLE
NETGEAR R7000P wan_dns1_pri buffer overflow vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2022-86327
DESCRIPTION
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri. NETGEAR R7000P is a wireless router made by NETGEAR. This vulnerability is caused by the lack of length verification of the data input by the wan_dns1_pri parameter in /usr/sbin/httpd. Attackers can exploit the vulnerability to cause denial of service or remote code execution
Trust: 1.44
sources:
NVD: CVE-2022-44186 //
CNVD: CNVD-2022-86327
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86327
AFFECTED PRODUCTS
| vendor: | netgear | model: | r7000p | scope: | eq | version: | 1.3.1.64 | Trust: 1.0 |
| vendor: | netgear | model: | r7000p | scope: | eq | version: | v1.3.1.64 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86327 //
NVD: CVE-2022-44186
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2022-86327 //
CNNVD: CNNVD-202211-3313 //
NVD: CVE-2022-44186
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.0 |
sources:
NVD: CVE-2022-44186
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3313
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3313
PATCH
| title: | Patch for NETGEAR R7000P wan_dns1_pri parameter buffer overflow vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/364356 | Trust: 0.6 |
| title: | NETGEAR R7000P Buffer error vulnerability fix | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=215390 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86327 //
CNNVD: CNNVD-202211-3313
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-44186 | Trust: 2.2 |
| db: | CNVD | id: | CNVD-2022-86327 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202211-3313 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86327 //
CNNVD: CNNVD-202211-3313 //
NVD: CVE-2022-44186
REFERENCES
| url: | https://www.netgear.com/about/security/ | Trust: 2.2 |
| url: | https://github.com/robinwang825/iot_vuln/tree/main/netgear/r7000p/4 | Trust: 1.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-44186/ | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86327 //
CNNVD: CNNVD-202211-3313 //
NVD: CVE-2022-44186
SOURCES
| db: | CNVD | id: | CNVD-2022-86327 |
| db: | CNNVD | id: | CNNVD-202211-3313 |
| db: | NVD | id: | CVE-2022-44186 |
LAST UPDATE DATE
2024-08-14T14:37:10.477000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2022-86327 | date: | 2022-12-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3313 | date: | 2022-11-24T00:00:00 |
| db: | NVD | id: | CVE-2022-44186 | date: | 2022-11-23T19:08:02.067 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2022-86327 | date: | 2022-12-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3313 | date: | 2022-11-22T00:00:00 |
| db: | NVD | id: | CVE-2022-44186 | date: | 2022-11-22T14:15:12.487 |