CVE-2022-27643

Summary

CVE	CVE-2022-27643
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-03-29 19:15:00 UTC
Updated	2023-04-05 15:06:00 UTC
Description	This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15692.

Risk And Classification

Problem Types: CWE-120

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Netgear	D6220	-	All	All	All
Operating System	Netgear	D6220 Firmware	All	All	All	All
Hardware	Netgear	D6400	-	All	All	All
Operating System	Netgear	D6400 Firmware	All	All	All	All
Hardware	Netgear	D7000v2	-	All	All	All
Operating System	Netgear	D7000v2 Firmware	All	All	All	All
Hardware	Netgear	Dc112a	-	All	All	All
Operating System	Netgear	Dc112a Firmware	All	All	All	All
Hardware	Netgear	Ex3700	-	All	All	All
Operating System	Netgear	Ex3700 Firmware	All	All	All	All
Hardware	Netgear	Ex3800	-	All	All	All
Operating System	Netgear	Ex3800 Firmware	All	All	All	All
Hardware	Netgear	Ex6120	-	All	All	All
Operating System	Netgear	Ex6120 Firmware	All	All	All	All
Hardware	Netgear	Ex6130	-	All	All	All
Operating System	Netgear	Ex6130 Firmware	All	All	All	All
Hardware	Netgear	R6400	-	All	All	All
Hardware	Netgear	R6400	v2	All	All	All
Operating System	Netgear	R6400 Firmware	All	All	All	All
Hardware	Netgear	R6700	v3	All	All	All
Operating System	Netgear	R6700 Firmware	All	All	All	All
Hardware	Netgear	R6900p	-	All	All	All
Operating System	Netgear	R6900p Firmware	All	All	All	All
Hardware	Netgear	R7000	-	All	All	All
Hardware	Netgear	R7000p	-	All	All	All
Operating System	Netgear	R7000p Firmware	All	All	All	All
Operating System	Netgear	R7000 Firmware	All	All	All	All
Hardware	Netgear	R7100lg	-	All	All	All
Operating System	Netgear	R7100lg Firmware	All	All	All	All
Hardware	Netgear	R7850	-	All	All	All
Operating System	Netgear	R7850 Firmware	All	All	All	All
Hardware	Netgear	R7900p	-	All	All	All
Operating System	Netgear	R7900p Firmware	All	All	All	All
Hardware	Netgear	R7960p	-	All	All	All
Operating System	Netgear	R7960p Firmware	All	All	All	All
Hardware	Netgear	R8000	-	All	All	All
Hardware	Netgear	R8000p	-	All	All	All
Operating System	Netgear	R8000p Firmware	All	All	All	All
Operating System	Netgear	R8000 Firmware	All	All	All	All
Hardware	Netgear	R8500	-	All	All	All
Operating System	Netgear	R8500 Firmware	All	All	All	All
Hardware	Netgear	Rax200	-	All	All	All
Operating System	Netgear	Rax200 Firmware	All	All	All	All
Hardware	Netgear	Rax75	-	All	All	All
Operating System	Netgear	Rax75 Firmware	All	All	All	All
Hardware	Netgear	Rax80	-	All	All	All
Operating System	Netgear	Rax80 Firmware	All	All	All	All
Hardware	Netgear	Rs400	-	All	All	All
Operating System	Netgear	Rs400 Firmware	All	All	All	All
Hardware	Netgear	Wndr3400	v3	All	All	All
Operating System	Netgear	Wndr3400 Firmware	All	All	All	All
Hardware	Netgear	Wnr3500l	v2	All	All	All
Operating System	Netgear	Wnr3500l Firmware	All	All	All	All
Hardware	Netgear	Xr300	-	All	All	All
Operating System	Netgear	Xr300 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
ZDI-22-519 \| Zero Day Initiative	MISC	www.zerodayinitiative.com
Security Advisory for Pre-Authentication Buffer Overflow on Multiple Products, PSV-2021-0323 \| Answer \| NETGEAR Support	MISC	kb.netgear.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.