Vulnerability Description
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netgear | Rax40 Firmware | < 1.0.2.60 |
| Netgear | Rax40 | - |
| Netgear | Rax35 Firmware | < 1.0.2.60 |
| Netgear | Rax35 | - |
| Netgear | R6400V2 Firmware | < 1.0.4.122 |
| Netgear | R6400V2 | - |
| Netgear | R6700V3 Firmware | < 1.0.4.122 |
| Netgear | R6700V3 | - |
| Netgear | R6900P Firmware | < 1.3.3.152 |
| Netgear | R6900P | - |
| Netgear | R7000P Firmware | < 1.3.3.152 |
| Netgear | R7000P | - |
| Netgear | R7000 Firmware | < 1.0.11.136 |
| Netgear | R7000 | - |
| Netgear | R7960P Firmware | < 1.4.4.94 |
| Netgear | R7960P | - |
| Netgear | R8000P Firmware | < 1.4.4.94 |
| Netgear | R8000P | - |
Related Weaknesses (CWE)
References
- https://kb.netgear.com/000065495/Security-Advisory-for-Pre-Authentication-BufferPatchVendor Advisory
- https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-recePatchThird Party Advisory
- https://kb.netgear.com/000065495/Security-Advisory-for-Pre-Authentication-BufferPatchVendor Advisory
- https://www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-recePatchThird Party Advisory
FAQ
What is CVE-2022-48196?
CVE-2022-48196 is a vulnerability with a CVSS score of 7.4 (HIGH). Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122,...
How severe is CVE-2022-48196?
CVE-2022-48196 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48196?
Check the references section above for vendor advisories and patch information. Affected products include: Netgear Rax40 Firmware, Netgear Rax40, Netgear Rax35 Firmware, Netgear Rax35, Netgear R6400V2 Firmware.