Vulnerability Description
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
CVSS Score
4.8
MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Wnr2000 Firmware | <= 1.2.3.7 |
| Netgear | Wnr2000 | 1.0 |
Related Weaknesses (CWE)
References
- https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/B1bFKBWwi
- https://www.netgear.com/about/security/Vendor Advisory
- https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/B1bFKBWwi
- https://www.netgear.com/about/security/Vendor Advisory
FAQ
What is CVE-2022-46422?
CVE-2022-46422 is a vulnerability with a CVSS score of 4.8 (MEDIUM). An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
How severe is CVE-2022-46422?
CVE-2022-46422 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-46422?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Wnr2000 Firmware, Netgear Wnr2000.