Netgear 產品多個漏洞

影響

• 遠端執行程式碼
• 阻斷服務
• 資料洩露
• 繞過保安限制

受影響之系統或技術

• Netgear DSL Modem Router D6220
• Netgear DSL Modem Router D6400
• Netgear DSL Modem Router D7000v2
• Netgear Orbi WiFi System CBR40
• Netgear Router R6400
• Netgear Router R6400v2
• Netgear Router R6700v3
• Netgear Router R6900P
• Netgear Router R7000
• Netgear Router R7000P
• Netgear Router R8500
• Netgear Router RAX15
• Netgear Router RAX20
• Netgear Router RAX35v2
• Netgear Router RAX38v2
• Netgear Router RAX40v2
• Netgear Router RAX42
• Netgear Router RAX43
• Netgear Router RAX45
• Netgear Router RAX48
• Netgear Router RAX50
• Netgear Router RAX50S
• Netgear Router RS400
• Netgear Router WNDR3400v3
• Netgear Router WNR3500Lv2
• Netgear Router XR300
• Netgear Cable Modem Router CAX80
• Netgear Fixed Wireless LAX20
• Netgear Fixed Wireless R7100LG
• Netgear Nightthawk Mesh WiFi System MR80
• Netgear Nightthawk Mesh WiFi System MS80
• Netgear Wireless DC112A

詳情請參閱以下連結﹕

https://kb.netgear.com/000064724/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2021-0330?article=000064724

https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327?article=000064723

https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325?article=000064722

https://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324?article=000064721

https://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323?article=000064720

https://kb.netgear.com/000064719/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0321?article=000064719

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

• 安裝供應商提供的修補程式：
  • https://kb.netgear.com/000064724/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2021-0330?article=000064724
  • https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327?article=000064723
  • https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325?article=000064722
  • https://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324?article=000064721
  • https://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323?article=000064720
  • https://kb.netgear.com/000064719/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0321?article=000064719

漏洞識別碼

• CVE-2011-5325
• CVE-2022-27642
• CVE-2022-27643
• CVE-2022-27644
• CVE-2022-27645
• CVE-2022-27646
• CVE-2022-27647

資料來源

• Netgear Security Advisory

相關連結

• https://kb.netgear.com/000064724/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2021-0330?article=000064724
• https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327?article=000064723
• https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325?article=000064722
• https://kb.netgear.com/000064721/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0324?article=000064721
• https://kb.netgear.com/000064720/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0323?article=000064720
• https://kb.netgear.com/000064719/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0321?article=000064719