CVE-2023-38922 - Vulnerability Details - OpenCVE

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Netgear	Jwnr2000v2 Jwnr2000v2 Firmware Xavn2001v2 Xavn2001v2 Firmware Xwn5001 Xwn5001 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:netgear:jwnr2000v2_firmware:1.0.0.11:*:*:*:*:*:*:*

cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:netgear:xwn5001_firmware:0.4.1.1:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netgear:xavn2001v2_firmware:0.4.0.7:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md
https://www.netgear.com/about/security/

History

Fri, 11 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-07T00:00:00

Updated: 2024-10-11T14:15:52.712Z

Reserved: 2023-07-25T00:00:00

Link: CVE-2023-38922

Vulnrichment

Updated: 2024-08-02T17:54:39.296Z

NVD

Status : Modified

Published: 2023-08-07T19:15:10.477

Modified: 2024-11-21T08:14:26.843

Link: CVE-2023-38922

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-38922", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-11T14:15:52.712Z", "dateReserved": "2023-07-25T00:00:00", "datePublished": "2023-08-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.netgear.com/about/security/"}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:54:39.296Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.netgear.com/about/security/", "tags": ["x_transferred"]}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "netgear", "product": "jwnr2000v2", "cpes": ["cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v1.0.0.11", "status": "affected"}]}, {"vendor": "netgear", "product": "xwn5001", "cpes": ["cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v0.4.1.1", "status": "affected"}]}, {"vendor": "netgear", "product": "xavn2001v2", "cpes": ["cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v0.4.0.7", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-11T14:14:29.997810Z", "id": "CVE-2023-38922", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T14:15:52.712Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.netgear.com/about/security/", "tags": ["x_transferred"]}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:54:39.296Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38922", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-11T14:14:29.997810Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "jwnr2000v2", "versions": [{"status": "affected", "version": "v1.0.0.11"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "xwn5001", "versions": [{"status": "affected", "version": "v0.4.1.1"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "xavn2001v2", "versions": [{"status": "affected", "version": "v0.4.0.7"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-11T14:15:47.519Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.netgear.com/about/security/"}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}], "descriptions": [{"lang": "en", "value": "Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-07T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2023-38922", "state": "PUBLISHED", "dateUpdated": "2024-10-11T14:15:52.712Z", "dateReserved": "2023-07-25T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-08-07T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:jwnr2000v2_firmware:1.0.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "21E91328-4F46-42D4-A99F-A83AE71C8F2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "32886871-051A-40D8-97FA-6DCD20714D79", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:xwn5001_firmware:0.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C025A46-FB26-409A-888F-7336F871AC8A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EEF5DCA-0EDB-4966-95AC-52B2661B8D1B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:xavn2001v2_firmware:0.4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "6A2B5F63-7A1F-41F9-8184-112AB2D0979C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "9DA4AFAA-8FBF-43FB-B2FB-8FF806FF2BBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function."}], "id": "CVE-2023-38922", "lastModified": "2024-11-21T08:14:26.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-07T19:15:10.477", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.netgear.com/about/security/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.netgear.com/about/security/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}