Vulnerability Spotlight: Denial-of-service vulnerabilities in some NETGEAR routers

Dave McDaniel of Cisco Talos discovered these vulnerabilities.

The NETGEAR N300 line of wireless routers contains two denial-of-service vulnerabilities. The N300 is a small, affordable wireless router with basic features. An attacker could exploit these bugs by sending specific SOAP and HTTP requests to different functions of the router, causing it to crash entirely.


In accordance with our coordinated disclosure policy, Cisco Talos worked with NETGEAR to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details


NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability (TALOS-2019-0831/CVE-2019-5054)

An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.
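The defensive check for this class of bug, as an added example that is not NETGEAR's firmware code and not taken from the advisory. The functions `get_header` and `session_matches`, and the assumption that the session check compares the User-Agent value, are hypothetical; the sample requests are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Constructed sample requests; the path and client name are placeholders. */
const char *REQ_OK    = "GET /protected HTTP/1.1\r\nHost: router\r\nUser-Agent: test-client\r\n\r\n";
const char *REQ_EMPTY = "GET /protected HTTP/1.1\r\nHost: router\r\nUser-Agent: \r\n\r\n";

/* Hypothetical lookup: returns NULL when the header is missing or its value is empty. */
const char *get_header(const char *req, const char *name, char *buf, size_t n)
{
    size_t len = strlen(name), i;
    const char *line = strstr(req, "\r\n");          /* end of request line */
    while (line && line[2] != '\r' && line[2] != '\0') {
        line += 2;                                   /* start of next header */
        for (i = 0; i < len; i++)                    /* case-insensitive name */
            if (tolower((unsigned char)line[i]) != tolower((unsigned char)name[i]))
                break;
        if (i == len && line[len] == ':') {
            const char *v = line + len + 1;
            while (*v == ' ' || *v == '\t') v++;
            size_t vlen = strcspn(v, "\r\n");
            if (vlen == 0 || vlen >= n) return NULL; /* empty or oversized */
            memcpy(buf, v, vlen);
            buf[vlen] = '\0';
            return buf;
        }
        line = strstr(line, "\r\n");
    }
    return NULL;
}

/* Unsafe pattern, shown for contrast and never called: strcmp(NULL, ...). */
int session_matches_unsafe(const char *req, const char *bound_ua)
{
    char buf[128];
    return strcmp(get_header(req, "User-Agent", buf, sizeof buf), bound_ua) == 0;
}

/* Hardened: a missing or empty header is an ordinary authentication failure. */
int session_matches(const char *req, const char *bound_ua)
{
    char buf[128];
    const char *ua = get_header(req, "User-Agent", buf, sizeof buf);
    return ua != NULL && bound_ua != NULL && strcmp(ua, bound_ua) == 0;
}

int main(void)
{
    printf("ok=%d empty=%d\n", session_matches(REQ_OK, "test-client"), session_matches(REQ_EMPTY, "test-client"));
}
```

The hardened function treats the empty header the same as a wrong one, so the request is rejected instead of reaching a dereference.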

NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability (TALOS-2019-0832/CVE-2019-5055)

An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5) wireless router. A SOAP request sent in an invalid sequence to the service can cause a null ..