CVE-2021-45605
MEDIUMNETGEAR R6400/R7000/R6900P/R7000P/R7900/RAX75/RAX80/XR300 Firmware - Authenticated Stack-based Buffer Overflow
Title source: llmDescription
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.68, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900 before 1.0.4.38, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, and XR300 before 1.0.3.50.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://kb.netgear.com/000064072/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2019-0214
Scores
CVSS v3
6.0
EPSS
0.0015
EPSS Percentile
35.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Details
CWE
CWE-787
Status
published
Products (8)
netgear/r6400_firmware
< 1.0.1.68
netgear/r6900p_firmware
< 1.3.3.140
netgear/r7000_firmware
< 1.0.11.116
netgear/r7000p_firmware
< 1.3.3.140
netgear/r7900_firmware
< 1.0.4.38
netgear/rax75_firmware
< 1.0.3.102
netgear/rax80_firmware
< 1.0.3.102
netgear/xr300_firmware
< 1.0.3.50
Published
Dec 26, 2021
Tracked Since
Feb 18, 2026