Sign-up

ID

VAR-202304-2107


CVE

CVE-2023-30280


TITLE

NETGEAR R6900 and NETGEAR R6700v3 Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202304-2116

DESCRIPTION

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page

Trust: 0.99

sources: NVD: CVE-2023-30280 // VULMON: CVE-2023-30280

AFFECTED PRODUCTS

vendor:netgearmodel:r6900scope:eqversion:1.0.2.26

Trust: 1.0

vendor:netgearmodel:r6700scope:eqversion:1.0.4.128

Trust: 1.0

vendor:netgearmodel:r6700scope:eqversion:1.0.0.26

Trust: 1.0

sources: NVD: CVE-2023-30280

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-30280
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202304-2116
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2023-30280
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202304-2116 // NVD: CVE-2023-30280

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

sources: NVD: CVE-2023-30280

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202304-2116

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202304-2116

EXTERNAL IDS

db:NVDid:CVE-2023-30280

Trust: 1.7

db:CNNVDid:CNNVD-202304-2116

Trust: 0.6

db:VULMONid:CVE-2023-30280

Trust: 0.1

sources: VULMON: CVE-2023-30280 // CNNVD: CNNVD-202304-2116 // NVD: CVE-2023-30280

REFERENCES

url:https://github.com/

Trust: 1.7

url:https://www.netgear.com/about/security/

Trust: 1.7

url:https://cxsecurity.com/cveshow/cve-2023-30280/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-30280 // CNNVD: CNNVD-202304-2116 // NVD: CVE-2023-30280

SOURCES

db:VULMONid:CVE-2023-30280
db:CNNVDid:CNNVD-202304-2116
db:NVDid:CVE-2023-30280

LAST UPDATE DATE

2024-08-14T14:54:48.286000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-30280date:2023-04-27T00:00:00
db:CNNVDid:CNNVD-202304-2116date:2023-05-09T00:00:00
db:NVDid:CVE-2023-30280date:2023-05-08T16:54:48.227

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-30280date:2023-04-26T00:00:00
db:CNNVDid:CNNVD-202304-2116date:2023-04-26T00:00:00
db:NVDid:CVE-2023-30280date:2023-04-26T20:15:10.310