

Severity
Medium
Analysis Summary
CVE-2022-27644
NETGEAR R6700v3 could allow a remote attacker to execute arbitrary code on the system, caused by improper certificate validation in the downloading of files. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of root.
CVE-2022-27646
NETGEAR R6700v3 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the circled daemon. By using a specially-crafted circleinfo.txt file, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2022-27647
NETGEAR R6700v3 could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the handling of the name or email field provided to libreadycloud.so. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Code Execution
- Buffer Overflow
- Command Execution
Indicator Of Compromise
CVE
- CVE-2022-27644
- CVE-2022-27646
- CVE-2022-27647
Affected Vendors
- NETGEAR
Affected Products
- NETGEAR R6700v3
Remediation
Refer to the NETGEAR Security Advisory for patch, upgrade or suggested workaround information.