upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44.
Project Subscriptions
| Vendors | Products |
|---|---|
|
Netgear
Subscribe
|
R6250
Subscribe
R6250 Firmware
Subscribe
R6400
Subscribe
R6400 Firmware
Subscribe
R6400v2
Subscribe
R6400v2 Firmware
Subscribe
R7000p
Subscribe
R7000p Firmware
Subscribe
R7300dst
Subscribe
R7300dst Firmware
Subscribe
R7850
Subscribe
R7850 Firmware
Subscribe
R7900
Subscribe
R7900 Firmware
Subscribe
R8000
Subscribe
R8000 Firmware
Subscribe
R8300
Subscribe
R8300 Firmware
Subscribe
R8500
Subscribe
R8500 Firmware
Subscribe
Rax20
Subscribe
Rax20 Firmware
Subscribe
Rax80
Subscribe
Rax80 Firmware
Subscribe
Xr300
Subscribe
Xr300 Firmware
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2020-20832 | upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://github.com/cpeggg/Netgear-upnpd-poc |
|
History
No history.
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T16:33:59.068Z
Reserved: 2020-11-09T00:00:00
Link: CVE-2020-28373
No data.
Status : Modified
Published: 2020-11-09T22:15:13.413
Modified: 2024-11-21T05:22:40.897
Link: CVE-2020-28373
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD