CVE-2022-24655
Published Mar 18, 2022
Last updated 3 years ago
Overview
- Description
- A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-787
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6100_firmware:201.0.2.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37A39F3F-B85E-4BB3-BA63-5CB0602F5550"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AB84CD03-765C-4D4F-A176-364F8E72A4E7"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A858641D-FD51-4A0C-B09B-A72DA47B6961"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3186CC67-B567-4A0C-BD2C-0433716FBD1B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:cax80_firmware:2.1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28C36F9E-A167-4D47-9146-BE00629E2549"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "673A83EA-E359-4629-8B20-5382C15260B2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:dc112a_firmware:1.0.0.62:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8421345C-55A1-49B3-9A2F-B9D231BBBE4C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]