Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
Conclusion & alert: CVE-2022-48176 is rated Moderate Risk (44/100): CVSS High severity, with low exploitation likelihood (EPSS 0.45%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.07% | 0.45% | +0.38% |
| 2 | 2026-02-05 | 0.15% | 0.07% | -0.09% |
| 3 | 2026-02-01 | — | 0.15% | — |
Full EPSS history (8 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | [email protected] |
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| netgear | r7000p_firmware | < 1.3.3.154 | cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* |
| netgear | r6900p_firmware | < 1.3.3.154 | cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:* |
| netgear | r7960p_firmware | < 1.4.4.94 | cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:* |
| netgear | r8000p_firmware | < 1.4.4.94 | cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:* |
| netgear | mr60_firmware | < 1.1.7.132 | cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:* |
| netgear | ms60_firmware | < 1.1.7.132 | cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://hdwsec.fr/blog/20221109-netgear/ | Broken Link |
| https://kb.netgear.com/000065242/Security-Advisory-for-Pre-authentication-Stack-Overflow-on-some-Routers-and-Nighthawk-WiFi-Mesh-Systems-PSV-2022-0146 | Patch Vendor Advisory |
| https://www.netgear.com/about/security/ | Vendor Advisory |