Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 220.127.116.11, D6000 before 18.104.22.168, D6200 before 1.1.00.36, D7000 before 22.214.171.124, EX6200v2 before 126.96.36.199, EX7000 before 188.8.131.52, EX8000 before 184.108.40.206, JR6150 before 220.127.116.11, PR2000 before 18.104.22.168, R6020 before 22.214.171.124, R6050 before 126.96.36.199, R6080 before 188.8.131.52, R6120 before 184.108.40.206, R6220 before 220.127.116.11, R6260 before 18.104.22.168, R6300v2 before 22.214.171.124, R6700 before 126.96.36.199, R6700v2 before 188.8.131.52, R6800 before 184.108.40.206, R6900 before 220.127.116.11, R6900P before 18.104.22.168, R6900v2 before 22.214.171.124, R7000 before 126.96.36.199, R7000P before 188.8.131.52, R7800 before 184.108.40.206, R8900 before 220.127.116.11, R9000 before 18.104.22.168, and XR500 before 22.214.171.124.
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.