ID

VAR-202203-1668


CVE

CVE-2022-27642


TITLE

NETGEAR R6700v3 Information Disclosure Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2025-17536 // CNNVD: CNNVD-202203-2054

DESCRIPTION

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. Multiple Netgear products, including cax80 firmware, LAX20 firmware, and MR60 firmware, contain vulnerabilities related to unauthorized authentication. Information may be obtained or tampered with, and service operation may be interrupted (DoS). The NETGEAR R6700v3 is the Nighthawk AC1750 Smart Dual-Band Gigabit Router from NETGEAR.

Trust: 2.88

sources: NVD: CVE-2022-27642 // JVNDB: JVNDB-2022-021793 // ZDI: ZDI-22-518 // CNVD: CNVD-2025-17536 // VULMON: CVE-2022-27642

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-17536

AFFECTED PRODUCTS

vendor: netgear, model: lax20, scope: lt, version: 1.1.6.34

Trust: 1.0

vendor: netgear, model: r6700, scope: lt, version: 1.0.4.126

Trust: 1.0

vendor: netgear, model: rax42, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: r6400, scope: lt, version: 1.0.4.126

Trust: 1.0

vendor: netgear, model: rax50s, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: rax48, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: r6400, scope: lt, version: 1.0.1.78

Trust: 1.0

vendor: netgear, model: r7960p, scope: lt, version: 1.4.3.88

Trust: 1.0

vendor: netgear, model: r8000p, scope: lt, version: 1.4.3.88

Trust: 1.0

vendor: netgear, model: r7100lg, scope: lt, version: 1.0.0.76

Trust: 1.0

vendor: netgear, model: rax75, scope: lt, version: 1.0.6.138

Trust: 1.0

vendor: netgear, model: mr80, scope: lt, version: 1.1.6.14

Trust: 1.0

vendor: netgear, model: ms80, scope: lt, version: 1.1.6.14

Trust: 1.0

vendor: netgear, model: mr60, scope: lt, version: 1.1.6.124

Trust: 1.0

vendor: netgear, model: rax80, scope: lt, version: 1.0.6.138

Trust: 1.0

vendor: netgear, model: r7850, scope: lt, version: 1.0.5.84

Trust: 1.0

vendor: netgear, model: rax40, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: rs400, scope: lt, version: 1.5.1.86

Trust: 1.0

vendor: netgear, model: r8500, scope: lt, version: 1.0.2.158

Trust: 1.0

vendor: netgear, model: rax20, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: ms60, scope: lt, version: 1.1.6.124

Trust: 1.0

vendor: netgear, model: r7000p, scope: lt, version: 1.3.3.148

Trust: 1.0

vendor: netgear, model: rax38, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: r7000, scope: lt, version: 1.0.11.134

Trust: 1.0

vendor: netgear, model: r7900p, scope: lt, version: 1.4.3.88

Trust: 1.0

vendor: netgear, model: r6900p, scope: lt, version: 1.3.3.148

Trust: 1.0

vendor: netgear, model: rax43, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: cax80, scope: lt, version: 2.1.3.7

Trust: 1.0

vendor: netgear, model: r8000, scope: lt, version: 1.0.4.84

Trust: 1.0

vendor: netgear, model: rax50, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: rax15, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: rax200, scope: lt, version: 1.0.6.138

Trust: 1.0

vendor: netgear, model: rax35, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: netgear, model: rax45, scope: lt, version: 1.0.10.110

Trust: 1.0

vendor: Netgear, model: r7960p, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r8000, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: ms80, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: mr80, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: lax20, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r7850, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r6700, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r6400, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r8500, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: mr60, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r6900p, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r7000p, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: rax20, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: cax80, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: ms60, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r7900p, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r7000, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: rax15, scope: -, version: -

Trust: 0.8

vendor: Netgear, model: r8000p, scope: -, version: -

Trust: 0.8

vendor: netgear, model: r6700v3, scope: -, version: -

Trust: 0.7

vendor: netgear, model: r6700v3 1.0.4.120 10.0.91, scope: -, version: -

Trust: 0.6

sources: ZDI: ZDI-22-518 // CNVD: CNVD-2025-17536 // JVNDB: JVNDB-2022-021793 // NVD: CVE-2022-27642

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com: CVE-2022-27642
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2022-27642
value: HIGH

Trust: 1.0

NVD: CVE-2022-27642
value: HIGH

Trust: 0.8

ZDI: CVE-2022-27642
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2025-17536
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202203-2054
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-17536
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2022-27642
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.0

Trust: 1.0

nvd@nist.gov: CVE-2022-27642
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-27642
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-27642
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-518 // CNVD: CNVD-2025-17536 // JVNDB: JVNDB-2022-021793 // CNNVD: CNNVD-202203-2054 // NVD: CVE-2022-27642 // NVD: CVE-2022-27642

PROBLEMTYPE DATA

problemtype:CWE-863

Trust: 1.0

problemtype:Illegal authentication (CWE-863) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-021793 // NVD: CVE-2022-27642

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202203-2054

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202203-2054

PATCH

title: NETGEAR has issued an update to correct this vulnerability.
url: https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327

Trust: 0.7

title: Patch for NETGEAR R6700v3 Information Disclosure Vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/713036

Trust: 0.6

title: NETGEAR R6700v3 Repair measures for information disclosure vulnerabilities
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=232028

Trust: 0.6

sources: ZDI: ZDI-22-518 // CNVD: CNVD-2025-17536 // CNNVD: CNNVD-202203-2054

EXTERNAL IDS

db: NVD, id: CVE-2022-27642

Trust: 4.6

db: ZDI, id: ZDI-22-518

Trust: 3.8

db: JVNDB, id: JVNDB-2022-021793

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-15854

Trust: 0.7

db: CNVD, id: CNVD-2025-17536

Trust: 0.6

db: CS-HELP, id: SB2022032410

Trust: 0.6

db: CNNVD, id: CNNVD-202203-2054

Trust: 0.6

db: VULMON, id: CVE-2022-27642

Trust: 0.1

sources: ZDI: ZDI-22-518 // CNVD: CNVD-2025-17536 // VULMON: CVE-2022-27642 // JVNDB: JVNDB-2022-021793 // CNNVD: CNNVD-202203-2054 // NVD: CVE-2022-27642

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-22-518/

Trust: 3.8

url:https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327

Trust: 3.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-27642

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-27642/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022032410

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/863.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-22-518 // CNVD: CNVD-2025-17536 // VULMON: CVE-2022-27642 // JVNDB: JVNDB-2022-021793 // CNNVD: CNNVD-202203-2054 // NVD: CVE-2022-27642

CREDITS

Bugscale team

Trust: 1.3

sources: ZDI: ZDI-22-518 // CNNVD: CNNVD-202203-2054

SOURCES

db: ZDI, id: ZDI-22-518
db: CNVD, id: CNVD-2025-17536
db: VULMON, id: CVE-2022-27642
db: JVNDB, id: JVNDB-2022-021793
db: CNNVD, id: CNNVD-202203-2054
db: NVD, id: CVE-2022-27642

LAST UPDATE DATE

2025-08-06T22:55:28.048000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-22-518, date: 2022-03-23T00:00:00
db: CNVD, id: CNVD-2025-17536, date: 2025-08-05T00:00:00
db: VULMON, id: CVE-2022-27642, date: 2023-03-30T00:00:00
db: JVNDB, id: JVNDB-2022-021793, date: 2023-11-14T04:15:00
db: CNNVD, id: CNNVD-202203-2054, date: 2023-04-06T00:00:00
db: NVD, id: CVE-2022-27642, date: 2023-04-05T14:53:25.610

SOURCES RELEASE DATE

db: ZDI, id: ZDI-22-518, date: 2022-03-23T00:00:00
db: CNVD, id: CNVD-2025-17536, date: 2025-07-29T00:00:00
db: VULMON, id: CVE-2022-27642, date: 2023-03-29T00:00:00
db: JVNDB, id: JVNDB-2022-021793, date: 2023-11-14T00:00:00
db: CNNVD, id: CNNVD-202203-2054, date: 2022-03-23T00:00:00
db: NVD, id: CVE-2022-27642, date: 2023-03-29T19:15:08.407