Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlg_adv.cgi via the apmode_dns1_pri and apmode_dns1_sec parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted POST request.
References
| Link | Resource |
|---|---|
| https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_49/49.md | Broken Link |
| https://www.netgear.com/about/security/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
21 May 2025, 20:23
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8500_firmware:1.0.2.160:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7000p_firmware:1.3.3.154:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr300_firmware:1.0.3.78:*:*:*:*:*:*:* cpe:2.3:o:netgear:r6400v2_firmware:1.0.4.128:*:*:*:*:*:*:* |
|
| References | () https://github.com/wudipjq/my_vuln/blob/main/Netgear4/vuln_49/49.md - Broken Link | |
| References | () https://www.netgear.com/about/security/ - Vendor Advisory | |
| First Time |
Netgear r7000p
Netgear r6400v2 Netgear r7000p Firmware Netgear xr300 Firmware Netgear xr300 Netgear r6400v2 Firmware Netgear r8500 Netgear Netgear r8500 Firmware |
Information
Published : 2024-11-05 15:15
Updated : 2025-05-21 20:23
NVD link : CVE-2024-52016
Mitre link : CVE-2024-52016
CVE.ORG link : CVE-2024-52016
JSON object : View
Products Affected
netgear
- r8500
- xr300
- r7000p
- r8500_firmware
- r6400v2
- xr300_firmware
- r7000p_firmware
- r6400v2_firmware
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')