Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 220.127.116.11, D7000v2 before 18.104.22.168, D7800 before 22.214.171.124, D8500 before 126.96.36.199, DGN2200v4 before 188.8.131.52, DGND2200Bv4 before 184.108.40.206, DM200 before 220.127.116.11, JNDR3000 before 18.104.22.168, RBK50 before 22.214.171.124, RBR50 before 126.96.36.199, RBS50 before 188.8.131.52, RBW30 before 184.108.40.206, R6250 before 220.127.116.11, R6300v2 before 18.104.22.168, R6400 before 22.214.171.124, R6400v2 before 126.96.36.199, R6700 before 188.8.131.52, R6900 before 184.108.40.206, R7000 before 220.127.116.11, R6900P before 18.104.22.168, R7000P before 22.214.171.124, R7100LG before 126.96.36.199, R7300DST before 188.8.131.52, R7500v2 before 184.108.40.206, R7800 before 220.127.116.11, R7900 before 18.104.22.168, R8000 before 22.214.171.124, R7900P before 126.96.36.199, R8000P before 188.8.131.52, R8300 before 184.108.40.206, R8500 before 220.127.116.11, R8900 before 18.104.22.168, R9000 before 22.214.171.124, WNDR3400v3 before 126.96.36.199, WNDR3700v4 before 188.8.131.52, WNDR4300v1 before 184.108.40.206, WNDR4300v2 before 220.127.116.11, WNDR4500v3 before 18.104.22.168, WNR2000v5 before 22.214.171.124, and WNR3500Lv2 before 126.96.36.199.
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.