CVE-2020-15636
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-15636
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the check_ra service. A crafted raePolicyVersion in a RAE_Policy.json file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9852.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款NETGEAR产品缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NETGEAR R6400等都是美国网件(NETGEAR)公司的一款无线路由器。 使用1.0.4.84_10.0.58版本固件的多款NETGEAR产品中的check_ra服务存在缓冲区错误漏洞。远程攻击者可借助特制的raePolicyVersion利用该漏洞执行任意代码。以下产品及版本受到影响:NETGEAR R6400;R6700;R7000;R7850;R7900;R8000;RS400;XR300。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| NETGEAR | Multiple Routers | 1.0.4.84_10.0.58 | - |
II. Public POCs for CVE-2020-15636
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-15636
请登录查看更多情报信息。
- https://www.zerodayinitiative.com/advisories/ZDI-20-937/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-15636
Same Patch Batch · NETGEAR · 2020-08-19 · 3 CVEs total
| CVE-2020-15635 | NETGEAR R6700 缓冲区错误漏洞 | |
| CVE-2020-15634 | NETGEAR R6700 格式化字符串错误漏洞 |
IV. Related Vulnerabilities
Same product: Multiple Routers
- CVE-2025-2773
BEC Technologies Multiple Routers sys ping Command Injection - CVE-2025-2772
BEC Technologies Multiple Routers Insufficiently Protected C - CVE-2025-2771
BEC Technologies Multiple Routers Authentication Bypass Vuln - CVE-2025-2770
BEC Technologies Multiple Routers Cleartext Password Storage - CVE-2021-34983
NETGEAR Multiple Routers httpd Missing Authentication for Cr
Same vendor: NETGEAR
- CVE-2026-24714
NETGEAR PR2000 安全漏洞 - CVE-2026-0404
Insufficient input validation in NETGEAR Orbi routers - CVE-2026-0408
Path traversal vulnerability in Netgear WiFi Range Extenders - CVE-2026-0407
Authentication bypass in NETGEAR WiFi Range Extenders via ne - CVE-2026-0406
Insufficient input validation in NETGEAR Nighthawk router XR
Same weakness: CWE-121
- CVE-2026-9150
Libsolv: stack-based buffer overflow in libsolv's debian met - CVE-2026-8836
lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-ba - CVE-2018-25322
Allok Fast AVI MPEG Splitter 1.2 Stack Based Buffer Overflow - CVE-2026-8733
Investintech SlimPDFReader SlimPDFReader.exe sub_3B4610 stac - CVE-2026-41963
Huawei HarmonyOS 安全漏洞
V. Comments for CVE-2020-15636
No comments yet