CVE-2022-37234 The Netgear Nighthawk R7000-V1.0.11.134_10.2.119 is vulnerable to a buffer overflow via the wl binary.

A remote user or attacker can send a specially crafted HTTP request to the wl binary, causing the wl binary to crash and resulting in a Denial of Service condition.

A remote user or attacker can send a specially crafted HTTP request to the wl binary, causing the wl binary to crash and resulting in a Denial of Service condition. Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote DDOS via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy, which could be exploited to create a Denial of Service condition.

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote DDOS via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy, which could be exploited to create a Denial of Service condition. Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote code execution via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy, which could be exploited to create a Denial of Service condition.

Netgear Nighthawk AC1900 Smart WiFi Dual Band

Summary

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote DDOS via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy, which could be exploited to create a Denial of Service condition. Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote code execution via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy, which could be exploited to create a Denial of Service condition

Netgear Nighthawk AC1900 Smart WiFi Dual Band Router R7000-V1.0.11.134_10.2.119 Functions as Wifi Ac

Netgear Nighthawk AC1900 Smart WiFi Dual Band Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote DDOS via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy, which could be exploited to create a Denial of Service condition. Netgear Nighthawk AC1900 Smart WiFi Dual Band Router R7000-V1.0.11.134_10.2.119 functions as wifi ac, so there is potential for remote DDOS attacks on the router itself and network traffic that passes through the router unless mitigated by other measures such as IPS and IDS and firewall rules that would be implemented on the router itself and Network Traffic Management system

What to do if you are affected?

If you are using the Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119, please update to Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.23.143_10.2.136 or later versions that resolve the vulnerability, or consider replacing your device with a new one

Overview

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Remote DDOS via the wl binary in firmware, a stack overflow vulnerability caused by strncpy and a remote code execution vulnerability caused by strncpy in firmware

Timeline

Published on: 09/22/2022 20:15:00 UTC
Last modified on: 09/27/2022 04:52:00 UTC

References

• https://github.com/Davidteeri/Bug-Report/blob/main/netgear-R7000-0x461bc-strncpy.md
• https://www.netgear.com/about/security/
• https://www.netgear.com/support/download/?model=R7000
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37234