Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
August 23, 2023
Rewterz Threat Advisory – Multiple Apache Batik Server-Side Vulnerabilities
August 23, 2023
Severity
High
Analysis Summary
CVE-2023-40478 CVSS:8
NETGEAR RAX30 is vulnerable to a stack-based buffer overflow caused by improper bounds checking in the telnet CLI service. By sending a specially crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2023-40479 CVSS:8.8
NETGEAR RAX30 could allow a remote attacker to execute arbitrary code on the system because of a flaw in the DHCP server. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-40480 CVSS:8.8
NETGEAR RAX30 could allow a remote attacker to execute arbitrary code on the system because of a flaw in the DHCP server. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Buffer Overflow
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-40478
- CVE-2023-40479
- CVE-2023-40480
Affected Vendors
NETGEAR
Affected Products
- NETGEAR RAX30
Remediation
Refer to the NETGEAR website for patch, upgrade, or suggested workaround information.