CVE-2024-52023 is a stack-based buffer overflow vulnerability identified in specific firmware versions of Netgear routers: XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128. The flaw exists in the handling of the pppoe_localip parameter within the pppoe2.cgi CGI endpoint. By sending a specially crafted POST request containing malicious input to this parameter, an attacker with low privileges can trigger a stack overflow condition. This overflow can cause the router to crash or reboot, resulting in a Denial of Service (DoS) that disrupts network availability. The vulnerability does not allow for code execution or data leakage but impacts service continuity. The CVSS v3.1 score of 5.7 reflects a medium severity rating, with an attack vector requiring adjacent network access, low attack complexity, and no user interaction. No public exploits or patches are currently available, and the vulnerability is classified under CWE-120 (Classic Buffer Overflow).

The primary impact of CVE-2024-52023 is on the availability of affected Netgear routers. Successful exploitation results in a Denial of Service, causing network outages or interruptions for users relying on these devices. This can affect both home users and small to medium-sized enterprises that deploy these models. Disruptions could lead to loss of productivity, inability to access network resources, and potential cascading effects if these routers serve as critical network gateways. Since the vulnerability does not compromise confidentiality or integrity, data theft or manipulation is not a direct concern. However, repeated or targeted DoS attacks could be leveraged as part of larger multi-vector attacks or to facilitate lateral movement by distracting defenders.

Organizations should immediately identify if they use the affected Netgear models and firmware versions. Since no official patches are currently available, temporary mitigations include restricting access to the router management interfaces, especially blocking POST requests to the pppoe2.cgi endpoint from untrusted or external networks. Network segmentation should isolate these devices from general user networks to limit exposure. Monitoring network traffic for unusual POST requests targeting pppoe2.cgi can help detect exploitation attempts. Administrators should subscribe to Netgear security advisories for timely patch releases and apply firmware updates as soon as they become available. Additionally, consider deploying network-based DoS protection mechanisms and maintaining regular backups of router configurations to facilitate rapid recovery.