OpenCVE

An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either introduce a backdoor to the device or make the device DoS. This affects Firmware Version: 1.1.1_1.1.9.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netgear	Wpn824ext Wpn824ext Firmware

Configuration 1 [-]

AND

cpe:2.3:o:netgear:wpn824ext_firmware:1.1.1_1.1.9:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wpn824ext:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://hackmd.io/%40eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s
https://www.netgear.com/about/security/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-20T17:47:27

Updated: 2024-08-03T11:10:32.249Z

Reserved: 2022-08-29T00:00:00

Link: CVE-2022-38955

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-20T18:15:10.360

Modified: 2024-11-21T07:17:16.800

Link: CVE-2022-38955

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either introduce a backdoor to the device or make the device DoS. This affects Firmware Version: 1.1.1_1.1.9."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-20T17:47:27", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.netgear.com/about/security/"}, {"tags": ["x_refsource_MISC"], "url": "https://hackmd.io/%40eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-38955", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either introduce a backdoor to the device or make the device DoS. This affects Firmware Version: 1.1.1_1.1.9."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.netgear.com/about/security/", "refsource": "MISC", "url": "https://www.netgear.com/about/security/"}, {"name": "https://hackmd.io/@eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s", "refsource": "MISC", "url": "https://hackmd.io/@eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T11:10:32.249Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.netgear.com/about/security/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackmd.io/%40eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-38955", "datePublished": "2022-09-20T17:47:27", "dateReserved": "2022-08-29T00:00:00", "dateUpdated": "2024-08-03T11:10:32.249Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:wpn824ext_firmware:1.1.1_1.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "CE64B5C4-A1B2-44EF-B7C2-C1D5B780C613", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:wpn824ext:-:*:*:*:*:*:*:*", "matchCriteriaId": "9593E661-FFF8-40E0-AB35-94CEA98BF901", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either introduce a backdoor to the device or make the device DoS. This affects Firmware Version: 1.1.1_1.1.9."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de modificaci\u00f3n del firmware explotable en el extensor de rango WiFi WPN824EXT de Netgear. Un atacante puede llevar a cabo un ataque de tipo MITM para modificar la imagen de firmware cargada por el usuario y omitir la comprobaci\u00f3n CRC. Un ataque con \u00e9xito puede introducir una puerta trasera en el dispositivo o hacer que el dispositivo sea DoS. Esto afecta a la versi\u00f3n de firmware: 1.1.1_1.1.9"}], "id": "CVE-2022-38955", "lastModified": "2024-11-21T07:17:16.800", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-20T18:15:10.360", "references": [{"source": "cve@mitre.org", "url": "https://hackmd.io/%40eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.netgear.com/about/security/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://hackmd.io/%40eupX2KdkT6iNpqJUWk9p4A/SyAnOSd1s"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.netgear.com/about/security/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-354"}], "source": "nvd@nist.gov", "type": "Primary"}]}