CVE-2017-6862
CVE-2017-6862
In short
NETGEAR WNR2000 routers have a critical flaw that allows attackers to bypass login and take complete control of the device by sending specially crafted requests to the administration interface. This affects versions before 1.1.2.14 (v3), 1.0.0.66 (v4), and 1.0.0.42 (v5).
Technical detail
A stack-based buffer overflow exists in the NETGEAR WNR2000 administration webapp parameter handling, enabling unauthenticated remote code execution. The vulnerability requires only network access to the device's web interface and no user interaction; successful exploitation grants full administrative control regardless of authentication credentials.
Summary generated and translated by AI from the official description.
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · NETGEAR All versions prior to WNR2000v3 1.1.2.14, WNR2000v4 1.0.0.66, WNR2000v5 1.0.0.42Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://kb.netgear.com/000038542/Security-Advisory-for-Unauthenticated-Remote-Code-Execution-on-Some-Routers-PSV-2016-0261https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-6862https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_netgear_wnr2000v5_-_cve-2017-6862.pdfhttp://www.securityfocus.com/bid/98740