Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 184.108.40.206, D6400 before 220.127.116.11, D7000v2 before 18.104.22.168, D8500 before 22.214.171.124, DC112A before 126.96.36.199, EX7000 before 188.8.131.52, EX7500 before 184.108.40.206, R6250 before 220.127.116.11, R6300v2 before 18.104.22.168, R6400 before 22.214.171.124, R6400v2 before 126.96.36.199, R6700v3 before 188.8.131.52, R7000 before 184.108.40.206, R7100LG before 220.127.116.11, R7850 before 18.104.22.168, R7900 before 22.214.171.124, R7960P before 126.96.36.199, R8000 before 188.8.131.52, RAX200 before 184.108.40.206, RBS40V before 220.127.116.11, RS400 before 18.104.22.168, XR300 before 22.214.171.124, R7000P before 126.96.36.199, R8000P before 188.8.131.52, R8500 before 184.108.40.206, RAX80 before 220.127.116.11, R6900P before 18.104.22.168, R7900P before 22.214.171.124, R8300 before 126.96.36.199, RAX75 before 188.8.131.52, RBR750 before 184.108.40.206, RBR850 before 220.127.116.11, RBS750 before 18.104.22.168, RBS850 before 22.214.171.124, RBK752 before 126.96.36.199, and RBK852 before 188.8.131.52.
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.