Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs because the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the correct intranet IP address in the subsequent Via header, without properly considering that connection progress and fragmentation affect the meaning of the packet data.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NETGEAR 安全漏洞
Vulnerability Description
NETGEAR是美国网件(NETGEAR)公司的一款路由器。连接两个或多个网络的硬件设备,在网络间起网关的作用。 NETGEAR Nighthawk R7000 1.0.9.64_10.2.64版本中的SIP ALG implementation存在安全漏洞,该漏洞允许攻击者的机器与受害者机器上的任意TCP和UDP服务进行通信。
CVSS Information
N/A
Vulnerability Type
N/A