CVE-2019-20753 - Netgear D7000 Firmware, Netgear R6900p Firmware and Netgear R6250 Firmware

April 17, 2020

Critical 8.8

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.16, R7000P before 1.3.2.34, R7300DST before 1.0.0.68, R7100LG before 1.0.0.46, R6900P before 1.3.2.34, R7000 before 1.0.9.28, R6900 before 1.0.1.46, R6700 before 1.0.1.46, R6400v2 before 1.0.2.56, R6400 before 1.0.1.42, R6300v2 before 1.0.4.28, R6250 before 1.0.4.26, WNDR3400v3 before 1.0.1.22, WNDR4500v2 before 1.0.0.72, and WNR3500Lv2 before 1.2.0.50.

Affected software

Netgear D7000 Firmware

Netgear R6900p Firmware

Netgear R6250 Firmware

Netgear Wnr3500l Firmware

Netgear D6400 Firmware

Netgear R7300dst Firmware

Netgear R7900 Firmware

Netgear R8300 Firmware

Netgear R6700 Firmware

Netgear Wndr4500 Firmware

Netgear R7000p Firmware

Netgear D8500 Firmware

Netgear Jndr3000 Firmware

Netgear Dgn2200 Firmware

Netgear R8500 Firmware

Netgear R6900 Firmware

Netgear R6400 Firmware

Netgear R8000 Firmware

Netgear R7100lg Firmware

Netgear R6300 Firmware

Netgear R7000 Firmware

Netgear Wndr3400 Firmware

Netgear D6220 Firmware

Reference links

https://kb.netgear.com/000060629/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-and-Modem-Routers-PSV-2018-0085

CVE-2019-20753 - Netgear D7000 Firmware, Netgear R6900p Firmware and Netgear R6250 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software