CVE-2021-31802
Last modified
CVE-2021-31802 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. EPSS estimates a 14.18% chance of exploitation in the next 30 days.
Description
NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length value is trusted during a backup.cgi file upload. The attacker must add a \n before the Content-Length header.
Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netgear | R7000 Firmware | <= 1.0.11.116 |
References
- https://ssd-disclosure.com/ssd-advisory-netgear-nighthawk-r7000-httpd-preauth-rce/Exploit, Third Party Advisory
- https://www.netgear.com/about/security/Vendor Advisory
- https://ssd-disclosure.com/ssd-advisory-netgear-nighthawk-r7000-httpd-preauth-rce/Exploit, Third Party Advisory
- https://www.netgear.com/about/security/Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-31802?
How severe is CVE-2021-31802?
How do I fix CVE-2021-31802?
Are you affected by CVE-2021-31802?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST