CVE-2021-34947— NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability

EPSS 0.39% · P60 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-34947

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability

Source: NVD (National Vulnerability Database)

Vulnerability Description

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the soap_block_table file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-13055.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

跨界内存写

Source: NVD (National Vulnerability Database)

Vulnerability Title

Netgear NETGEAR R7800 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Netgear NETGEAR R7800是美国网件（Netgear）公司的一款无线路由器。 NETGEAR R7800 routers 存在缓冲区错误漏洞，该漏洞源于缺乏对用户提供的数据的正确验证造成的，这可能导致写入超过分配的数据结构的末尾。攻击者可以利用此漏洞在 root 上下文中执行代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
NETGEAR	R7800	1.0.2.82	-

II. Public POCs for CVE-2021-34947

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-34947

请登录查看更多情报信息。

ZDI-21-1116 | Zero Day Initiativex_research-advisory
https://kb.netgear.com/000064044/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2021-0129vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-34947

Same Patch Batch · NETGEAR · 2024-05-07 · 4 CVEs total

CVE-2022-43654		NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability
CVE-2021-34983		NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Di
CVE-2021-34982		NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerabi

IV. Related Vulnerabilities

Same product: R7800

Same vendor: NETGEAR

Same weakness: CWE-787

V. Comments for CVE-2021-34947

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-34947— NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability

I. Basic Information for CVE-2021-34947

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-34947

III. Intelligence Information for CVE-2021-34947

Same Patch Batch · NETGEAR · 2024-05-07 · 4 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-34947

Leave a comment