CVE-2024-50995 is a stack-based buffer overflow vulnerability identified in the Netgear R8500 router firmware version 1.0.2.160. The flaw exists in the usb_remote_smb_conf.cgi CGI script, specifically in the handling of the share_name parameter. When processing a crafted POST request containing a specially constructed share_name value, the router's software fails to properly validate input length, leading to a stack overflow condition (CWE-120). This overflow can cause the router to crash or reboot, resulting in a Denial of Service (DoS). The vulnerability requires an attacker to have local network access and low privileges (PR:L), but no user interaction is needed (UI:N). The attack vector is adjacent network (AV:A), meaning the attacker must be on the same local or VPN network segment. The CVSS v3.1 base score is 5.7, reflecting medium severity due to the impact on availability only, with no confidentiality or integrity compromise. No known exploits have been reported in the wild, and no official patches have been released at the time of publication. The vulnerability highlights the risk of insufficient input validation in embedded device web interfaces, which can be exploited to disrupt network infrastructure.

The primary impact of CVE-2024-50995 is a Denial of Service condition on affected Netgear R8500 routers. This can disrupt network connectivity and availability for home users, small businesses, or enterprise environments relying on these devices. The DoS may cause router crashes or reboots, leading to temporary loss of internet access or internal network services. While the vulnerability does not allow data theft or device takeover, the loss of availability can affect business operations, remote work, and critical communications. Organizations with many deployed R8500 units could face widespread network interruptions if exploited at scale. The requirement for local network access limits remote exploitation but does not eliminate risk in environments with untrusted internal users or compromised devices. The absence of known exploits reduces immediate risk, but the lack of patches means the vulnerability remains exploitable once discovered by attackers.

To mitigate CVE-2024-50995, organizations should first verify if they are using the Netgear R8500 router with firmware version 1.0.2.160. Until an official patch is released, network administrators should restrict access to the router's management interfaces, especially the usb_remote_smb_conf.cgi endpoint, by implementing strong network segmentation and firewall rules that limit access to trusted hosts only. Disable or restrict SMB sharing features if not required, as this reduces the attack surface. Monitor network traffic for unusual POST requests targeting the vulnerable CGI script. Employ network intrusion detection systems (NIDS) with custom signatures to detect attempts to exploit the share_name parameter. Regularly check Netgear's official channels for firmware updates and apply patches promptly once available. Additionally, consider replacing vulnerable devices with models that have active security support if patching is delayed.