CVE-2022-27642

EPSS 0.04%
Published 29.03.2023 19:15:08
Last modified 21.11.2024 06:56:04
Source zdi-disclosures@trendmicro.com
Teams watchlist Login
Open Login

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Netgear ≫ Cax80 Firmware Version < 2.1.3.7

Netgear ≫ Cax80 Version-

Netgear ≫ Lax20 Firmware Version < 1.1.6.34

Netgear ≫ Lax20 Version-

Netgear ≫ Mr60 Firmware Version < 1.1.6.124

Netgear ≫ Mr60 Version-

Netgear ≫ Mr80 Firmware Version < 1.1.6.14

Netgear ≫ Mr80 Version-

Netgear ≫ Ms60 Firmware Version < 1.1.6.124

Netgear ≫ Ms60 Version-

Netgear ≫ Ms80 Firmware Version < 1.1.6.14

Netgear ≫ Ms80 Version-

Netgear ≫ R6400 Firmware Version < 1.0.1.78

Netgear ≫ R6400 Version-

Netgear ≫ R6400 Firmware Version < 1.0.4.126

Netgear ≫ R6400 Versionv2

Netgear ≫ R6700 Firmware Version < 1.0.4.126

Netgear ≫ R6700 Versionv3

Netgear ≫ R6900p Firmware Version < 1.3.3.148

Netgear ≫ R6900p Version-

Netgear ≫ R7000 Firmware Version < 1.0.11.134

Netgear ≫ R7000 Version-

Netgear ≫ R7000p Firmware Version < 1.3.3.148

Netgear ≫ R7000p Version-

Netgear ≫ R7850 Firmware Version < 1.0.5.84

Netgear ≫ R7850 Version-

Netgear ≫ R7900p Firmware Version < 1.4.3.88

Netgear ≫ R7900p Version-

Netgear ≫ R7960p Firmware Version < 1.4.3.88

Netgear ≫ R7960p Version-

Netgear ≫ R8000 Firmware Version < 1.0.4.84

Netgear ≫ R8000 Version-

Netgear ≫ R8000p Firmware Version < 1.4.3.88

Netgear ≫ R8000p Version-

Netgear ≫ R8500 Firmware Version < 1.0.2.158

Netgear ≫ R8500 Version-

Netgear ≫ Rax15 Firmware Version < 1.0.10.110

Netgear ≫ Rax15 Version-

Netgear ≫ Rax20 Firmware Version < 1.0.10.110

Netgear ≫ Rax20 Version-

Netgear ≫ Rax200 Firmware Version < 1.0.6.138

Netgear ≫ Rax200 Version-

Netgear ≫ Rax35 Firmware Version < 1.0.10.110

Netgear ≫ Rax35 Versionv2

Netgear ≫ Rax38 Firmware Version < 1.0.10.110

Netgear ≫ Rax38 Versionv2

Netgear ≫ Rax40 Firmware Version < 1.0.10.110

Netgear ≫ Rax40 Versionv2

Netgear ≫ Rax42 Firmware Version < 1.0.10.110

Netgear ≫ Rax42 Version-

Netgear ≫ Rax43 Firmware Version < 1.0.10.110

Netgear ≫ Rax43 Version-

Netgear ≫ Rax45 Firmware Version < 1.0.10.110

Netgear ≫ Rax45 Version-

Netgear ≫ Rax48 Firmware Version < 1.0.10.110

Netgear ≫ Rax48 Version-

Netgear ≫ Rax50 Firmware Version < 1.0.10.110

Netgear ≫ Rax50 Version-

Netgear ≫ Rax50s Firmware Version < 1.0.10.110

Netgear ≫ Rax50s Version-

Netgear ≫ Rax75 Firmware Version < 1.0.6.138

Netgear ≫ Rax75 Version-

Netgear ≫ Rax80 Firmware Version < 1.0.6.138

Netgear ≫ Rax80 Version-

Netgear ≫ Rs400 Firmware Version < 1.5.1.86

Netgear ≫ Rs400 Version-

Netgear ≫ R7100lg Firmware Version < 1.0.0.76

Netgear ≫ R7100lg Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.078

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
zdi-disclosures@trendmicro.com	6.3	2.8	3.4	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-22-518/

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2022-27642

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-27642

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-27642

EUVD