中危 NETGEAR R6400v2堆栈缓冲区溢出漏洞
CVE编号
CVE-2021-34991利用情况
暂无补丁情况
官方补丁披露时间
2021-11-16漏洞描述
Netgear NETGEAR R6400v2是美国网件(Netgear)公司的一款路由器。连接两个或多个网络的硬件设备,在网络间起网关的作用。 NETGEAR R6400v2 1.0.4.106_10.0.80路由器存在堆栈缓冲区溢出漏洞。该漏洞源于UPnP服务默认侦听TCP端口5000。攻击者可以利用该漏洞在root环境中执行代码。 受影响系统: Netgear R6400v2 1.0.4.106_10.0.80解决建议
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168
参考链接 |
|
|---|---|
| https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buf... | |
| https://www.zerodayinitiative.com/advisories/ZDI-21-1303/ |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | netgear | cax80_firmware | * | Up to (excluding) 2.1.3.5 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | d6220_firmware | * | Up to (excluding) 1.0.0.76 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | d6400_firmware | * | Up to (excluding) 1.0.0.108 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | d7000v2_firmware | * | Up to (excluding) 1.0.0.76 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | dc112a_firmware | * | Up to (excluding) 1.0.0.62 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | dgn2200v4_firmware | * | Up to (excluding) 1.0.0.126 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | ex3700_firmware | * | Up to (excluding) 1.0.0.94 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | ex3800_firmware | * | Up to (excluding) 1.0.0.94 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | ex6120_firmware | * | Up to (excluding) 1.0.0.66 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | ex6130_firmware | * | Up to (excluding) 1.0.0.66 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r6400v2_firmware | * | Up to (excluding) 1.0.4.120 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r6400_firmware | * | Up to (excluding) 1.0.1.76 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r6700v3_firmware | * | Up to (excluding) 1.0.4.120 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r6900p_firmware | * | Up to (excluding) 1.3.3.142 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r7000p_firmware | * | Up to (excluding) 1.3.3.142 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r7000_firmware | * | Up to (excluding) 1.0.11.128 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r7100lg_firmware | * | Up to (excluding) 1.0.0.72 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r7850_firmware | * | Up to (excluding) 1.0.5.76 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r7900p_firmware | * | Up to (excluding) 1.4.2.84 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r7960p_firmware | * | Up to (excluding) 1.4.2.84 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r8000p_firmware | * | Up to (excluding) 1.4.2.84 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r8000_firmware | * | Up to (excluding) 1.0.4.76 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r8300_firmware | * | Up to (excluding) 1.0.2.156 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | r8500_firmware | * | Up to (excluding) 1.0.2.156 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax15_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax200_firmware | * | Up to (excluding) 1.0.5.132 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax20_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax35v2_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax38v2_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax40v2_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax42_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax43_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax45_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax48_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax50s_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax50_firmware | * | Up to (excluding) 1.0.4.100 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax75_firmware | * | Up to (excluding) 1.0.5.132 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rax80_firmware | * | Up to (excluding) 1.0.5.132 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | raxe450_firmware | * | Up to (excluding) 1.0.8.70 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | raxe500_firmware | * | Up to (excluding) 1.0.8.70 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | rs400_firmware | * | Up to (excluding) 1.5.1.80 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | wndr3400v3_firmware | * | Up to (excluding) 1.0.1.42 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | wnr3500lv2_firmware | * | Up to (excluding) 1.2.0.70 | |||||
| 运行在以下环境 | |||||||||
| 系统 | netgear | xr300_firmware | * | Up to (excluding) 1.0.3.68 | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | cax80 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | d6220 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | d6400 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | d7000v2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | dc112a | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | dgn2200v4 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | ex3700 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | ex3800 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | ex6120 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | ex6130 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r6400 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r6400v2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r6700v3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r6900p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r7000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r7000p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r7100lg | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r7850 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r7900p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r7960p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r8000 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r8000p | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r8300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | r8500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax15 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax20 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax200 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax35v2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax38v2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax40v2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax42 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax43 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax45 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax48 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax50 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax50s | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax75 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rax80 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | raxe450 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | raxe500 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | rs400 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | wndr3400v3 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | wnr3500lv2 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | netgear | xr300 | - | - | |||||
- 攻击路径 远程
- 攻击复杂度 复杂
- 权限要求 无需权限
- 影响范围 全局影响
- EXP成熟度 未验证
- 补丁情况 官方补丁
- 数据保密性 数据泄露
- 数据完整性 无影响
- 服务器危害 无影响
- 全网数量 N/A
| CWE-ID | 漏洞类型 |
| CWE-121 | 栈缓冲区溢出 |
| CWE-787 | 跨界内存写 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论