This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the circled daemon. A crafted circleinfo.txt file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15879.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| netgear | r6400_firmware | 1.0.4.126 | - |
| netgear | r6700_firmware | 1.0.4.126 | - |
| netgear | r6900p_firmware |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
24
Affected Products
4
References
netgear / r6400_firmware
| 1.3.3.148 |
| - |
| netgear | r7000_firmware | 1.0.11.134 | - |
| netgear | r7000p_firmware | 1.3.3.148 | - |
| netgear | r7850_firmware | 1.0.5.84 | - |
| netgear | r7960p_firmware | 1.4.3.88 | - |
| netgear | r8000_firmware | 1.0.4.84 | - |
| netgear | r8000p_firmware | 1.4.3.88 | - |
| netgear | rax200_firmware | 1.0.6.138 | - |
| netgear | rax75_firmware | 1.0.6.138 | - |
| netgear | rax80_firmware | 1.0.6.138 | - |
| netgear | rs400_firmware | 1.5.1.86 | - |
| netgear | cbr40_firmware | 2.5.0.28 | - |
| netgear | lbr1020_firmware | 2.7.4.2 | - |
| netgear | lbr20_firmware | 2.7.4.2 | - |
| netgear | rbr10_firmware | 2.7.4.24 | - |
| netgear | rbr20_firmware | 2.7.4.24 | - |
| netgear | rbr40_firmware | 2.7.4.24 | - |
| netgear | rbr50_firmware | 2.7.4.24 | - |
| netgear | rbs10_firmware | 2.7.4.24 | - |
| netgear | rbs20_firmware | 2.7.4.24 | - |
| netgear | rbs40_firmware | 2.7.4.24 | - |
| netgear | rbs50_firmware | 2.7.4.24 | - |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact