CVE-2023-42561

MEDIUM Year: 2023
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.

Related Vulnerabilities

CVE-2017-18697

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18698

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18699

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18759

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

CWE-7872017

CVE-2017-18761

MEDIUM
CVSS:6.8(Medium)

NETGEAR R8000 devices before 1.0.4.2 are affected by a stack-based buffer overflow by an authenticated user.

CWE-7872017

CVE-2017-18865

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

CWE-7872017