CVE-2021-34236 - OpenCVE

Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.cgi' with a sufficiently long parameter 'register_country'.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Netgear	R8000 Firmware R8000

Configuration 1 [-]

AND

cpe:2.3:o:netgear:r8000_firmware:1.0.4.56:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/Davidteeri/Bug-Report/blob/main/netgear-8000.md	Broken Link
https://github.com/advisories/GHSA-vfq9-7wg3-4mjx	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-07T23:58:32

Updated: 2022-09-07T23:58:32

Reserved: 2021-06-07T00:00:00

Link: CVE-2021-34236

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-08T00:15:09.827

Modified: 2022-09-12T18:18:16.233

Link: CVE-2021-34236

JSON object: View

Redhat Information

No data.

CWE

CWE-120