Primary

Context

Netgear WNCE3001 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Patched

A critical stack-based buffer overflow vulnerability has been identified in the Netgear WNCE3001 wireless adapter, specifically in version 1.0.0.50. The issue arises in the HTTP POST request handler, where the 'Host' header is processed by the 'http_d' function. The vulnerability can be exploited remotely by sending a crafted POST request that exceeds the buffer's capacity, leading to a stack overflow.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can overwrite the return address of the function and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending a POST request to the device's HTTP server with a 'Host' header that exceeds 128 bytes. This can be done using a Python script that establishes a TCP connection to the device and sends the crafted request. The script should include the payload in the 'Host' header to trigger the overflow.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

7.7

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

7.7

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Netgear WNCE3001 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Netgear WNCE3001

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating