CVE-2024-51013 identifies a stack-based buffer overflow vulnerability in the Netgear R7000P router firmware version 1.3.3.154. The flaw exists in the wireless.cgi web interface, specifically through the RADIUSAddr%d_wla parameter, which is used to configure RADIUS server addresses for wireless authentication. When processing a crafted POST request containing malicious input in this parameter, the device fails to properly validate input length, leading to a stack overflow (CWE-120). This overflow can overwrite the stack, causing the router's wireless.cgi process to crash or reboot, resulting in a Denial of Service (DoS). The vulnerability requires low attack complexity and low privileges (PR:L), meaning an attacker must have some authenticated access or be on the local network but does not require user interaction. The CVSS 3.1 score of 5.7 reflects a medium severity, primarily due to the impact on availability without confidentiality or integrity compromise. No public exploits or patches are currently known, indicating this is a newly disclosed vulnerability. The affected firmware version is 1.3.3.154, and no other versions are specified. The vulnerability highlights the risks of insufficient input validation in embedded device web interfaces, which can be exploited to disrupt network infrastructure.

The primary impact of CVE-2024-51013 is a Denial of Service condition on affected Netgear R7000P routers. This can cause network outages or intermittent connectivity loss for organizations relying on these devices for wireless access or routing. While the vulnerability does not expose sensitive data or allow code execution, the loss of availability can disrupt business operations, especially in environments where these routers serve as critical network gateways or wireless controllers. The requirement for low privileges and local network access limits remote exploitation but does not eliminate risk in environments with exposed management interfaces or compromised internal networks. The absence of known exploits reduces immediate risk, but attackers may develop exploits over time. Organizations with large deployments of this router model, particularly in SMBs, educational institutions, or branch offices, may face operational disruptions until patched. The vulnerability also underscores the need for robust network segmentation and monitoring to detect anomalous POST requests targeting wireless.cgi.

To mitigate CVE-2024-51013, organizations should first verify if they are running Netgear R7000P firmware version 1.3.3.154. If so, they should restrict access to the router’s management interfaces, especially the wireless.cgi endpoint, to trusted administrators only, ideally via VPN or secure management VLANs. Network segmentation should be employed to isolate wireless management traffic from general user networks. Monitoring and logging of HTTP POST requests to wireless.cgi can help detect attempts to exploit the vulnerability. Since no official patch is currently available, organizations should contact Netgear support for guidance and watch for firmware updates addressing this issue. As a temporary measure, disabling remote management and restricting local network access to the device can reduce exposure. Additionally, implementing rate limiting and intrusion detection systems to identify malformed POST requests targeting RADIUSAddr%d_wla parameters can provide early warning. Finally, organizations should maintain regular backups and have incident response plans ready to address potential DoS events.