CVE-2018-21151

MEDIUM

NETGEAR D7800/R7500/R7800/R8900/R9000/WNDR4300/WNDR4500 Firmware - Authenticated Buffer Overflow

Title source: llm
STIX 2.1

Description

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54.

Scores

CVSS v3 6.8
EPSS 0.0065
EPSS Percentile 47.0%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (7)
netgear/d7800_firmware < 1.0.1.34
netgear/r7500_firmware < 1.0.3.26
netgear/r7800_firmware < 1.0.2.42
netgear/r8900_firmware < 1.0.3.10
netgear/r9000_firmware < 1.0.3.10
netgear/wndr4300_firmware < 1.0.0.54
netgear/wndr4500_firmware < 1.0.0.54
Published Apr 22, 2020
Tracked Since Feb 18, 2026