CVE-2023-39550 - Vulnerability Details - OpenCVE

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Netgear	Jwnr2000v2 Jwnr2000v2 Firmware Xavn2001v2 Xavn2001v2 Firmware Xwn5001 Xwn5001 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:netgear:jwnr2000v2_firmware:1.0.0.11:*:*:*:*:*:*:*

cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:netgear:xwn5001_firmware:0.4.1.1:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netgear:xavn2001v2_firmware:0.4.0.7:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md
https://www.netgear.com/about/security/

History

Thu, 17 Oct 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-07T00:00:00

Updated: 2024-10-17T14:24:59.568Z

Reserved: 2023-08-04T00:00:00

Link: CVE-2023-39550

Vulnrichment

Updated: 2024-08-02T18:10:21.460Z

NVD

Status : Modified

Published: 2023-08-07T19:15:11.987

Modified: 2024-11-21T08:15:39.607

Link: CVE-2023-39550

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-39550", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-17T14:24:59.568Z", "dateReserved": "2023-08-04T00:00:00", "datePublished": "2023-08-07T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.netgear.com/about/security/"}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:10:21.460Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.netgear.com/about/security/", "tags": ["x_transferred"]}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "netgear", "product": "jwnr2000v2", "cpes": ["cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v1.0.0.11,", "status": "affected"}]}, {"vendor": "netgear", "product": "xwn5001", "cpes": ["cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v0.4.1.1", "status": "affected"}]}, {"vendor": "netgear", "product": "xavn2001v2", "cpes": ["cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v0.4.0.7", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-17T14:21:21.614216Z", "id": "CVE-2023-39550", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-17T14:24:59.568Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.netgear.com/about/security/", "tags": ["x_transferred"]}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:10:21.460Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39550", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-17T14:21:21.614216Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "jwnr2000v2", "versions": [{"status": "affected", "version": "v1.0.0.11,"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "xwn5001", "versions": [{"status": "affected", "version": "v0.4.1.1"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*"], "vendor": "netgear", "product": "xavn2001v2", "versions": [{"status": "affected", "version": "v0.4.0.7"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-17T14:24:51.091Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.netgear.com/about/security/"}, {"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}], "descriptions": [{"lang": "en", "value": "Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-08-07T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2023-39550", "state": "PUBLISHED", "dateUpdated": "2024-10-17T14:24:59.568Z", "dateReserved": "2023-08-04T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-08-07T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:jwnr2000v2_firmware:1.0.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "21E91328-4F46-42D4-A99F-A83AE71C8F2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:jwnr2000v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "32886871-051A-40D8-97FA-6DCD20714D79", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:xwn5001_firmware:0.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C025A46-FB26-409A-888F-7336F871AC8A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:xwn5001:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EEF5DCA-0EDB-4966-95AC-52B2661B8D1B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:xavn2001v2_firmware:0.4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "6A2B5F63-7A1F-41F9-8184-112AB2D0979C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:xavn2001v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "9DA4AFAA-8FBF-43FB-B2FB-8FF806FF2BBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function."}], "id": "CVE-2023-39550", "lastModified": "2024-11-21T08:15:39.607", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-07T19:15:11.987", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.netgear.com/about/security/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/FirmRec/IoT-Vulns/blob/main/netgear/http_passwd_auth/README.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.netgear.com/about/security/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}