Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 22.214.171.124, D6000 before 126.96.36.199, D6100 before 188.8.131.52, D7800 before 184.108.40.206, R6100 before 220.127.116.11, R7500 before 18.104.22.168, R7500v2 before 22.214.171.124, R9000 before 126.96.36.199, WNDR3700v4 before 188.8.131.52, WNDR4300 before 184.108.40.206, WNDR4300v2 before 220.127.116.11, WNDR4500v3 before 18.104.22.168, and WNR2000v5 before 22.214.171.124.
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.