Table of Contents
  • Home
  • /
  • Blog
  • /
  • How To Fix CVE-2021-34991- A Pre-Authentication Buffer Overflow On Multiple Netgear Products?
November 19, 2021
|
6m

How To Fix CVE-2021-34991- A Pre-Authentication Buffer Overflow On Multiple Netgear Products?


How To Fix Cve 2021 34991 A Pre Authentication Buffer Overflow On Netgear

Researchers identified a pre-authentication buffer overflow vulnerability (CVE-2021-34991) that affects multiple Small Offices/Home Offices (SOHO) Netgear router modules. The vulnerability tracked as CVE-2021-34991 lets attackers perform remote code execution attacks on the vulnerable devices and take control of the devices from the remote. Lets see how to fix CVE-2021-34991- A Pre-Authentication Buffer Overflow vulnerability on Multiple Netgear Products.

Summary of CVE-2021-34991:

Associated CVE IDCVE-2021-34991
DescriptionA pre-authentication buffer overflow vulnerability allows network-adjacent attackers to execute arbitrary code on affected Netgear products.
Associated ZDI IDDI-CAN-14110
CVSS Score8.8 High
VectorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score5.9
Exploitability Score2.8
Attack Vector (AV)Adjacent
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
Confidentiality (C)High
Integrity (I)High
availability (a)High

Researchers identified a pre-authentication buffer overflow vulnerability (CVE-2021-34991) that affects multiple Small Offices/Home Offices (SOHO) Netgear router modules. The vulnerability tracked as CVE-2021-34991 lets attackers perform remote code execution attacks on the vulnerable devices and take control of the devices from the remote. Lets see how to fix CVE-2021-34991- A Pre-Authentication Buffer Overflow vulnerability on Multiple Netgear Products.

This vulnerability is associated with the UPnP service, a service that is used by networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points, and mobile devices to discover other network devices on the same network to establish other functional network services.

UPnP service allows any device on the network to connect to the server without authentication and reconfigure the network to support its operations. This feature of UPnP provides a large attack surface for the attacker as the service allows unauthenticated HTTP SUBSCRIBE and UNSUBSCRIBE requests from clients who wish to receive updates and parse complex input to handle those requests.

The vulnerability that exists in the validation of the UUID request header comes as input. Since there is no proper validation process in the length of user-supplied data prior to copying it to a fixed-length stack-based buffer, an attacker can send more data to the local stack buffer and then validate it. This allows the attacker to perform a Pre-Authentication Buffer Overflow attack.

The disturbing part of the vulnerability is since the UPnP service runs in root privilege, the attacker can perform code executions with root privileges. You can read the original post for complete technical details.

List Of Netgear Products Vulnerable To CVE-2021-34991 Buffer Overflow Vulnerability:

As per the report, these are the Netgear products vulnerable to the buffer overflow vulnerability.

List Of Products Netgear Released Fix For The CVE-2021-34991 Vulnerability:

at the time of publishing this post, NETGEAR has released fixes for the following products:
Extenders:

  • EX3700 fixed in firmware version 1.0.0.94

  • EX3800 fixed in firmware version 1.0.0.94

  • EX6120 fixed in firmware version 1.0.0.66

  • EX6130 fixed in firmware version 1.0.0.66

Routers:

  • R6400 fixed in firmware version 1.0.1.76

  • R6400v2 fixed in firmware version 1.0.4.120

  • R6700v3 fixed in firmware version 1.0.4.120

  • R6900P fixed in firmware version 1.3.3.142_HOTFIX

  • R7000 fixed in firmware version 1.0.11.128

  • R7000P fixed in firmware version 1.3.3.142_HOTFIX

  • R7100LG fixed in firmware version 1.0.0.72

  • R7850 fixed in firmware version 1.0.5.76

  • R7900P fixed in firmware version 1.4.2.84

  • R7960P fixed in firmware version 1.4.2.84

  • R8000 fixed in firmware version 1.0.4.76

  • R8000P fixed in firmware version 1.4.2.84

  • R8300 fixed in firmware version 1.0.2.156

  • R8500 fixed in firmware version 1.0.2.156

  • RAX15 fixed in firmware version 1.0.4.100

  • RAX20 fixed in firmware version 1.0.4.100

  • RAX200 fixed in firmware version 1.0.5.132

  • RAX35v2 fixed in firmware version 1.0.4.100

  • RAX38v2 fixed in firmware version 1.0.4.100

  • RAX40v2 fixed in firmware version 1.0.4.100

  • RAX42 fixed in firmware version 1.0.4.100

  • RAX43 fixed in firmware version 1.0.4.100

  • RAX45 fixed in firmware version 1.0.4.100

  • RAX48 fixed in firmware version 1.0.4.100

  • RAX50 fixed in firmware version 1.0.4.100

  • RAX50S fixed in firmware version 1.0.4.100

  • RAX75 fixed in firmware version 1.0.5.132

  • RAX80 fixed in firmware version 1.0.5.132

  • RAXE450 fixed in firmware version 1.0.8.70

  • RAXE500 fixed in firmware version 1.0.8.70

  • RS400 fixed in firmware version 1.5.1.80

  • WNDR3400v3 fixed in firmware version 1.0.1.42

  • WNR3500Lv2 fixed in firmware version 1.2.0.70

  • XR300 fixed in firmware version 1.0.3.68

DSL Modem Routers:

  • D6220 fixed in firmware version 1.0.0.76

  • D6400 fixed in firmware version 1.0.0.108

  • D7000v2 fixed in firmware version 1.0.0.76

  • DGN2200v4 fixed in firmware version 1.0.0.126

AirCards

  • DC112A fixed in firmware version 1.0.0.62

Cable Modems

  • CAX80 fixed in firmware version 2.1.3.5

How To Fix CVE-2021-34991- A Pre-Authentication Buffer Overflow Vulnerability?

Netgear has released a patch and released patch along with new firmware. recommends downloading the latest firmware for your NETGEAR product.

You can fix CVE-2021-34991 vulnerability by upgrading the firmware of your product to the latest version.

If your product supports one of the Netgear apps, use the app to update your firmware.
1. Orbi products: NETGEAR Orbi app
2. NETGEAR WiFi routers: NETGEAR Nighthawk app

If you have a product that doesnt support any of the apps, visit the support portal, download the firmware as shown here below, and install it manually.

Step 1. Visit the Netgear Support site

URL: https://www.netgear.com/support/

Step 2. Search your product in the search box

As soon as you start typing your model number in the search box, you will see your model in the drop-down menu. Select your model as soon as it appears.


Step 3. Download the firmware

Click on the download button to download the firmware for your model.
Under 
Current Versions, select the first download whose title begins with Firmware Version.

Step 4. Install the firmware

Follow the instructions to install the firmware version. Please refer to the installation guide of your product for further assistance.

Note: Click on the
Documents button to download the installation guide and other documentation about the product.

We hope this post would help you in knowing how to fix CVE-2021-34991- A Pre-Authentication Buffer Overflow vulnerability on Multiple Netgear Products. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Application Security

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe