ID
VAR-202211-1697
CVE
CVE-2022-44184
TITLE
NETGEAR R7000P wan_dns1_sec buffer overflow vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2022-86328
DESCRIPTION
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec. NETGEAR R7000P is a wireless router made by NETGEAR. This vulnerability is caused by the lack of length verification of the data input for the wan_dns1_sec parameter in /usr/sbin/httpd. Attackers can exploit the vulnerability to cause denial of service or remote code execution
Trust: 1.44
sources:
NVD: CVE-2022-44184 //
CNVD: CNVD-2022-86328
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86328
AFFECTED PRODUCTS
| vendor: | netgear | model: | r7000p | scope: | eq | version: | 1.3.0.8 | Trust: 1.0 |
| vendor: | netgear | model: | r7000p | scope: | eq | version: | v1.3.0.8 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86328 //
NVD: CVE-2022-44184
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2022-86328 //
CNNVD: CNNVD-202211-3315 //
NVD: CVE-2022-44184
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.0 |
sources:
NVD: CVE-2022-44184
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3315
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202211-3315
PATCH
| title: | Patch for NETGEAR R7000P wan_dns1_sec parameter buffer overflow vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/364381 | Trust: 0.6 |
| title: | NETGEAR R7000P Buffer error vulnerability fix | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=215391 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86328 //
CNNVD: CNNVD-202211-3315
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-44184 | Trust: 2.2 |
| db: | CNVD | id: | CNVD-2022-86328 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202211-3315 | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86328 //
CNNVD: CNNVD-202211-3315 //
NVD: CVE-2022-44184
REFERENCES
| url: | https://www.netgear.com/about/security/ | Trust: 2.2 |
| url: | https://github.com/robinwang825/iot_vuln/tree/main/netgear/r7000p/1 | Trust: 1.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-44184/ | Trust: 0.6 |
sources:
CNVD: CNVD-2022-86328 //
CNNVD: CNNVD-202211-3315 //
NVD: CVE-2022-44184
SOURCES
| db: | CNVD | id: | CNVD-2022-86328 |
| db: | CNNVD | id: | CNNVD-202211-3315 |
| db: | NVD | id: | CVE-2022-44184 |
LAST UPDATE DATE
2024-08-14T14:30:51.311000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2022-86328 | date: | 2022-12-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3315 | date: | 2022-11-24T00:00:00 |
| db: | NVD | id: | CVE-2022-44184 | date: | 2022-11-23T18:35:28.670 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2022-86328 | date: | 2022-12-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-3315 | date: | 2022-11-22T00:00:00 |
| db: | NVD | id: | CVE-2022-44184 | date: | 2022-11-22T15:15:12.003 |