How To Fix CVE-2021-34991 | Pre-Authentication Buffer Overflow on Netgear

Researchers identified a pre-authentication buffer overflow vulnerability (CVE-2021-34991) that affects multiple Small Office/Home Office (SOHO) Netgear router models. The vulnerability lets attackers perform remote code execution attacks on vulnerable devices and take control of them remotely. Let's see how to fix CVE-2021-34991, a pre-authentication buffer overflow vulnerability in multiple Netgear products.

Summary of CVE-2021-34991:

Associated CVE ID: CVE-2021-34991
Description: A pre-authentication buffer overflow vulnerability allows network-adjacent attackers to execute arbitrary code on affected Netgear products.
Associated ZDI ID: ZDI-CAN-14110
CVSS Score: 8.8 High
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8
Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privilege Required (PR): None
User Interaction (UI): None
Confidentiality (C): High
Integrity (I): High
Availability (A): High

This vulnerability is in the UPnP service, which networked devices such as personal computers, printers, Internet gateways, Wi-Fi access points, and mobile devices use to discover other devices on the same network and establish functional network services with them.

The UPnP service allows any device on the network to connect to the server without authentication and reconfigure the network to support its operations. This gives an attacker a large attack surface: the service accepts unauthenticated HTTP SUBSCRIBE and UNSUBSCRIBE requests from clients that wish to receive updates, and it must parse complex input to handle those requests.

The vulnerability lies in the handling of the UUID request header supplied as input. Because the length of user-supplied data is not properly validated before it is copied to a fixed-length stack-based buffer, an attacker can send more data than the local stack buffer can hold, and the data is copied before it is validated. This allows the attacker to perform a pre-authentication buffer overflow attack.

The disturbing part of the vulnerability is that, because the UPnP service runs with root privileges, the attacker can execute code with root privileges. You can read the original post for complete technical details.
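The bug class described above, with a hardened counterpart, as an added example that is not Netgear's code or code from the original post. The buffer size, the `uuid:` prefix, the hex-and-hyphen character set and the function name `copy_uuid_header` are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define UUID_BUF_LEN 64   /* assumed size of the fixed-length buffer */

/* Illustrative form of the flaw, kept as a comment: the copy happens with
 * no length check, so a long header value runs past the end of the buffer.
 *     char uuid[UUID_BUF_LEN];
 *     strcpy(uuid, header_value);
 */

/* Hypothetical hardened copy: validate prefix, length and characters first.
 * Returns 0 on success, -1 if the request should be rejected. */
int copy_uuid_header(const char *value, char *out, size_t out_len)
{
    size_t n, i;

    if (value == NULL || out == NULL || out_len == 0)
        return -1;
    out[0] = '\0';
    while (*value == ' ' || *value == '\t')      /* skip leading whitespace */
        value++;
    if (strncmp(value, "uuid:", 5) != 0)         /* assumed "uuid:" prefix */
        return -1;
    value += 5;
    /* Bounded length scan: stop at out_len instead of trusting the input. */
    for (n = 0; n < out_len && value[n] != '\0'; n++)
        ;
    if (n == 0 || n >= out_len)                  /* empty, or no room for NUL */
        return -1;
    for (i = 0; i < n; i++)                      /* assumed charset: hex, '-' */
        if (!isxdigit((unsigned char)value[i]) && value[i] != '-')
            return -1;
    memcpy(out, value, n);
    out[n] = '\0';
    return 0;
}

int main(void)
{
    char uuid[UUID_BUF_LEN];
    char big[512];                               /* constructed oversized value */
    memset(big, 'a', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    memcpy(big, "uuid:", 5);
    printf("oversized -> %d\n", copy_uuid_header(big, uuid, sizeof uuid));
    return 0;
}
```

The length is checked against the destination size before any byte is written, so an oversized header is rejected instead of truncated or copied.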

List Of Netgear Products Vulnerable To CVE-2021-34991 Buffer Overflow Vulnerability:

As per the report, these are the Netgear products vulnerable to the buffer overflow vulnerability.

List Of Products Netgear Released Fix For The CVE-2021-34991 Vulnerability:

At the time of publishing this post, NETGEAR has released fixes for the following products:

Extenders:

  • EX3700 fixed in firmware version 1.0.0.94
  • EX3800 fixed in firmware version 1.0.0.94
  • EX6120 fixed in firmware version 1.0.0.66
  • EX6130 fixed in firmware version 1.0.0.66

Routers:

  • R6400 fixed in firmware version 1.0.1.76
  • R6400v2 fixed in firmware version 1.0.4.120
  • R6700v3 fixed in firmware version 1.0.4.120
  • R6900P fixed in firmware version 1.3.3.142_HOTFIX
  • R7000 fixed in firmware version 1.0.11.128
  • R7000P fixed in firmware version 1.3.3.142_HOTFIX
  • R7100LG fixed in firmware version 1.0.0.72
  • R7850 fixed in firmware version 1.0.5.76
  • R7900P fixed in firmware version 1.4.2.84
  • R7960P fixed in firmware version 1.4.2.84
  • R8000 fixed in firmware version 1.0.4.76
  • R8000P fixed in firmware version 1.4.2.84
  • R8300 fixed in firmware version 1.0.2.156
  • R8500 fixed in firmware version 1.0.2.156
  • RAX15 fixed in firmware version 1.0.4.100
  • RAX20 fixed in firmware version 1.0.4.100
  • RAX200 fixed in firmware version 1.0.5.132
  • RAX35v2 fixed in firmware version 1.0.4.100
  • RAX38v2 fixed in firmware version 1.0.4.100
  • RAX40v2 fixed in firmware version 1.0.4.100
  • RAX42 fixed in firmware version 1.0.4.100
  • RAX43 fixed in firmware version 1.0.4.100
  • RAX45 fixed in firmware version 1.0.4.100
  • RAX48 fixed in firmware version 1.0.4.100
  • RAX50 fixed in firmware version 1.0.4.100
  • RAX50S fixed in firmware version 1.0.4.100
  • RAX75 fixed in firmware version 1.0.5.132
  • RAX80 fixed in firmware version 1.0.5.132
  • RAXE450 fixed in firmware version 1.0.8.70
  • RAXE500 fixed in firmware version 1.0.8.70
  • RS400 fixed in firmware version 1.5.1.80
  • WNDR3400v3 fixed in firmware version 1.0.1.42
  • WNR3500Lv2 fixed in firmware version 1.2.0.70
  • XR300 fixed in firmware version 1.0.3.68

DSL Modem Routers:

  • D6220 fixed in firmware version 1.0.0.76
  • D6400 fixed in firmware version 1.0.0.108
  • D7000v2 fixed in firmware version 1.0.0.76
  • DGN2200v4 fixed in firmware version 1.0.0.126

AirCards:

  • DC112A fixed in firmware version 1.0.0.62

Cable Modems:

  • CAX80 fixed in firmware version 2.1.3.5
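An inventory check against the fixed versions listed above, as an added example that is not a Netgear tool or part of the original post. It uses a subset of the list; the function names, the optional leading `V` on installed versions and the conservative handling of the `_HOTFIX` suffix are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Subset of the fixed versions listed above; extend with your own models. */
static const struct { const char *model, *fixed; } FIXES[] = {
    {"EX6120", "1.0.0.66"}, {"R6400", "1.0.1.76"}, {"R6400v2", "1.0.4.120"},
    {"R6900P", "1.3.3.142_HOTFIX"}, {"R7000", "1.0.11.128"}, {"CAX80", "2.1.3.5"},
};

/* Compare dotted versions field by field as numbers (strcmp() would rank
 * "1.0.4.120" above "1.0.11.128"). Parsing stops at a suffix like "_HOTFIX". */
int version_cmp(const char *a, const char *b)
{
    for (;;) {
        char *ea, *eb;
        unsigned long x = strtoul(a, &ea, 10), y = strtoul(b, &eb, 10);
        if (x != y)
            return x < y ? -1 : 1;
        if (*ea != '.' && *eb != '.')
            return 0;                    /* no numeric fields left on either side */
        a = (*ea == '.') ? ea + 1 : ea;  /* a missing field is read as 0 */
        b = (*eb == '.') ? eb + 1 : eb;
    }
}

/* Returns 1 if patched, 0 if below the fix, -1 if the model is not in FIXES. */
int is_patched(const char *model, const char *installed)
{
    if (*installed == 'V' || *installed == 'v')
        installed++;                     /* assumed optional "V" prefix */
    for (size_t i = 0; i < sizeof FIXES / sizeof FIXES[0]; i++) {
        const char *sfx = strchr(FIXES[i].fixed, '_');
        int c = version_cmp(installed, FIXES[i].fixed);
        if (strcmp(model, FIXES[i].model) != 0)
            continue;                    /* exact match: R6400 is not R6400v2 */
        /* Equal numbers but the fixed build's suffix is missing: unpatched. */
        if (c == 0 && sfx != NULL && strstr(installed, sfx) == NULL)
            return 0;
        return c >= 0;
    }
    return -1;
}

int main(void)
{
    /* Constructed inventory entries, not real device data. */
    printf("%d %d\n", is_patched("R7000", "1.0.9.88"), is_patched("R6900P", "1.3.3.142"));
    return 0;
}
```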

How To Fix CVE-2021-34991- A Pre-Authentication Buffer Overflow Vulnerability?

Netgear has released a patch along with new firmware and recommends downloading the latest firmware for your NETGEAR product.

Time needed: 10 minutes.

You can fix the CVE-2021-34991 vulnerability by upgrading the firmware of your product to the latest version.

If your product supports one of the Netgear apps, use the app to update your firmware.
1. Orbi products: NETGEAR Orbi app
2. NETGEAR WiFi routers: NETGEAR Nighthawk app

If you have a product that doesn’t support any of the apps, visit the support portal, download the firmware as shown below, and install it manually.

  1. Visit the Netgear Support site

    URL: https://www.netgear.com/support/

  2. Search your product in the search box

    As soon as you start typing your model number in the search box, you will see your model in the drop-down menu. Select your model as soon as it appears.


  3. Download the firmware

    Click on the download button to download the firmware for your model.
    Under Current Versions, select the first download whose title begins with Firmware Version.

  4. Install the firmware

    Follow the instructions to install the firmware version. Please refer to the installation guide of your product for further assistance.

    Note: Click on the Documents button to download the installation guide and other documentation about the product.

We hope this post helps you understand how to fix CVE-2021-34991, a pre-authentication buffer overflow vulnerability in multiple Netgear products. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media pages on Facebook, LinkedIn, Twitter, Telegram, Tumblr, and Medium and subscribe to receive updates like this.

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me, follow me on LinkedIn.
