Vulnerabilites related to netgear - ms80
CVE-2021-45613 (GCVE-0-2021-45613)
Vulnerability from cvelistv5
Published
2021-12-26 00:36
Modified
2024-08-04 04:47
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • n/a
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.
References
https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508x_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:47:01.168Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-26T00:36:29",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-45613",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508",
              "refsource": "MISC",
              "url": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-45613",
    "datePublished": "2021-12-26T00:36:29",
    "dateReserved": "2021-12-25T00:00:00",
    "dateUpdated": "2024-08-04T04:47:01.168Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34982 (GCVE-0-2021-34982)
Vulnerability from cvelistv5
Published
2024-05-07 22:54
Modified
2024-08-04 00:26
Severity ?
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-121 - Stack-based Buffer Overflow
Summary
NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-13709.
References
https://www.zerodayinitiative.com/advisories/ZDI-21-1274/x_research-advisory
https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159vendor-advisory
Impacted products
Vendor Product Version
NETGEAR Multiple Routers Version: V1.0.11.116_10.2.100
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:netgear:multiple_router_firmware:1.0.11.116_10.0.100:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "multiple_router_firmware",
            "vendor": "netgear",
            "versions": [
              {
                "status": "affected",
                "version": "1.0.11.116_10.0.100"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34982",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-08T14:52:41.415481Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:12:45.927Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:26:55.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ZDI-21-1274",
            "tags": [
              "x_research-advisory",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1274/"
          },
          {
            "name": "vendor-provided URL",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Multiple Routers",
          "vendor": "NETGEAR",
          "versions": [
            {
              "status": "affected",
              "version": "V1.0.11.116_10.2.100"
            }
          ]
        }
      ],
      "dateAssigned": "2021-06-30T08:56:51.718-05:00",
      "datePublic": "2021-10-29T08:54:08.659-05:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n\n\n\n\n. Was ZDI-CAN-13709."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-07T22:54:50.139Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-21-1274",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1274/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Sungur Labs"
      },
      "title": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2021-34982",
    "datePublished": "2024-05-07T22:54:50.139Z",
    "dateReserved": "2021-06-17T19:27:05.662Z",
    "dateUpdated": "2024-08-04T00:26:55.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-45620 (GCVE-0-2021-45620)
Vulnerability from cvelistv5
Published
2021-12-26 00:35
Modified
2024-08-04 04:47
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • n/a
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509x_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:47:01.265Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-26T00:35:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-45620",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509",
              "refsource": "MISC",
              "url": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-45620",
    "datePublished": "2021-12-26T00:35:01",
    "dateReserved": "2021-12-25T00:00:00",
    "dateUpdated": "2024-08-04T04:47:01.265Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-34983 (GCVE-0-2021-34983)
Vulnerability from cvelistv5
Published
2024-05-07 22:54
Modified
2024-08-04 00:26
Severity ?
6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE
  • CWE-306 - Missing Authentication for Critical Function
Summary
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708.
References
https://www.zerodayinitiative.com/advisories/ZDI-21-1275/x_research-advisory
https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159vendor-advisory
Impacted products
Vendor Product Version
NETGEAR Multiple Routers Version: V1.0.11.116_10.2.100
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34983",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-08T15:08:46.169063Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-18T18:38:20.962Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:26:55.842Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ZDI-21-1275",
            "tags": [
              "x_research-advisory",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1275/"
          },
          {
            "name": "vendor-provided URL",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Multiple Routers",
          "vendor": "NETGEAR",
          "versions": [
            {
              "status": "affected",
              "version": "V1.0.11.116_10.2.100"
            }
          ]
        }
      ],
      "dateAssigned": "2021-06-30T08:56:51.720-05:00",
      "datePublic": "2021-10-29T08:54:16.924-05:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-07T22:54:51.052Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-21-1275",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1275/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Sungur Labs"
      },
      "title": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2021-34983",
    "datePublished": "2024-05-07T22:54:51.052Z",
    "dateReserved": "2021-06-17T19:27:05.662Z",
    "dateUpdated": "2024-08-04T00:26:55.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-27647 (GCVE-0-2022-27647)
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 17:41
Severity ?
8.0 (High) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874.
References
https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327
https://www.zerodayinitiative.com/advisories/ZDI-22-524/
Impacted products
Vendor Product Version
NETGEAR R6700v3 Version: 1.0.4.120_10.0.91
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:32:59.969Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-524/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-27647",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-18T17:40:25.890386Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T17:41:07.125Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "R6700v3",
          "vendor": "NETGEAR",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.4.120_10.0.91"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Bugscale team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-29T00:00:00.000Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-524/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2022-27647",
    "datePublished": "2023-03-29T00:00:00.000Z",
    "dateReserved": "2022-03-22T00:00:00.000Z",
    "dateUpdated": "2025-02-18T17:41:07.125Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-27642 (GCVE-0-2022-27642)
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2025-02-18 17:49
Severity ?
6.3 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-863 - Incorrect Authorization
Summary
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854.
References
https://www.zerodayinitiative.com/advisories/ZDI-22-518/
https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327
Impacted products
Vendor Product Version
NETGEAR R6700v3 Version: 1.0.4.120_10.0.91
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:32:59.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-518/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-27642",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-18T17:49:46.824954Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T17:49:51.215Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "R6700v3",
          "vendor": "NETGEAR",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.4.120_10.0.91"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Bugscale team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-29T00:00:00.000Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-518/"
        },
        {
          "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2022-27642",
    "datePublished": "2023-03-29T00:00:00.000Z",
    "dateReserved": "2022-03-22T00:00:00.000Z",
    "dateUpdated": "2025-02-18T17:49:51.215Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-202112-2336
Vulnerability from variot

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, D7000v2 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, MR80 prior to 1.1.2.20, MS80 prior to 1.1.2.20, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX35v2 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, and XR1000 prior to 1.0.0.58

Show details on source website

To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2336",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "rbr750",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "cbr750",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "4.6.3.6"
      },
      {
        "model": "ms80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.2.20"
      },
      {
        "model": "xr1000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.0.58"
      },
      {
        "model": "mr60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.116"
      },
      {
        "model": "rbs850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "rax50",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "d7000v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.0.74"
      },
      {
        "model": "ms60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.116"
      },
      {
        "model": "lax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.28"
      },
      {
        "model": "rax15",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rax40v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rax45",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rbk752",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "mr80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.2.20"
      },
      {
        "model": "rax35v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rax200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.120"
      },
      {
        "model": "rax43",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rbk852",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "rbr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "rax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.120"
      },
      {
        "model": "rax75",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.120"
      },
      {
        "model": "mk62",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.116"
      },
      {
        "model": "rax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rbs750",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "cbr40",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "2.5.0.24"
      },
      {
        "model": "mr60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "cbr750",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax200",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "lax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax15",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "ms60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "cbr40",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "d7000v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "mk62",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "cve": "CVE-2021-45613",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-45613",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-45613",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "cve@mitre.org",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2021-45613",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-45613",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-45613",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "cve@mitre.org",
            "id": "CVE-2021-45613",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-45613",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202112-2409",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-45613",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, D7000v2 prior to 1.0.0.74, LAX20 prior to 1.1.6.28, MK62 prior to 1.0.6.116, MR60 prior to 1.0.6.116, MS60 prior to 1.0.6.116, MR80 prior to 1.1.2.20, MS80 prior to 1.1.2.20, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX35v2 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, and XR1000 prior to 1.0.0.58",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-45613"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-45613",
        "trust": 3.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-45613",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "id": "VAR-202112-2336",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.33231686
  },
  "last_update_date": "2024-11-23T22:25:01.548000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0508",
        "trust": 0.8,
        "url": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508"
      },
      {
        "title": "Netgear NETGEAR Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176388"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-77",
        "trust": 1.0
      },
      {
        "problemtype": "Command injection (CWE-77) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://kb.netgear.com/000064138/security-advisory-for-pre-authentication-command-injection-on-some-routers-and-wifi-systems-psv-2020-0508"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45613"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/77.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45613"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-12-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-45613"
      },
      {
        "date": "2023-01-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "date": "2021-12-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      },
      {
        "date": "2021-12-26T01:15:18.383000",
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-01-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-45613"
      },
      {
        "date": "2023-01-25T05:10:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      },
      {
        "date": "2022-01-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      },
      {
        "date": "2024-11-21T06:32:40.303000",
        "db": "NVD",
        "id": "CVE-2021-45613"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017549"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "command injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2409"
      }
    ],
    "trust": 0.6
  }
}

var-202203-1668
Vulnerability from variot

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. cax80 firmware, LAX20 firmware, MR60 Multiple Netgear products, including firmware, contain vulnerabilities related to unauthorized authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website

To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1668",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "lax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.34"
      },
      {
        "model": "r6700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.126"
      },
      {
        "model": "rax42",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r6400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.126"
      },
      {
        "model": "rax50s",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax48",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r6400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.1.78"
      },
      {
        "model": "r7960p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.3.88"
      },
      {
        "model": "r8000p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.3.88"
      },
      {
        "model": "r7100lg",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.0.76"
      },
      {
        "model": "rax75",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.138"
      },
      {
        "model": "mr80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.14"
      },
      {
        "model": "ms80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.14"
      },
      {
        "model": "mr60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.124"
      },
      {
        "model": "rax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.138"
      },
      {
        "model": "r7850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.5.84"
      },
      {
        "model": "rax40",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rs400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.5.1.86"
      },
      {
        "model": "r8500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.2.158"
      },
      {
        "model": "rax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "ms60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.124"
      },
      {
        "model": "r7000p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.3.3.148"
      },
      {
        "model": "rax38",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r7000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.11.134"
      },
      {
        "model": "r7900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.3.88"
      },
      {
        "model": "r6900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.3.3.148"
      },
      {
        "model": "rax43",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "cax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "2.1.3.7"
      },
      {
        "model": "r8000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.84"
      },
      {
        "model": "rax50",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax15",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.138"
      },
      {
        "model": "rax35",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax45",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r7960p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r8000",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "ms80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "mr80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "lax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7850",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6700",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6400",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r8500",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "mr60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6900p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7000p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "cax80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "ms60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7900p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7000",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax15",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r8000p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6700v3",
        "scope": null,
        "trust": 0.7,
        "vendor": "netgear",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Bugscale team",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      }
    ],
    "trust": 1.3
  },
  "cve": "CVE-2022-27642",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "zdi-disclosures@trendmicro.com",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-27642",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-27642",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2022-27642",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "ZDI",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-27642",
            "impactScore": 3.4,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "zdi-disclosures@trendmicro.com",
            "id": "CVE-2022-27642",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-27642",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-27642",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2022-27642",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202203-2054",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854. cax80 firmware, LAX20 firmware, MR60 Multiple Netgear products, including firmware, contain vulnerabilities related to unauthorized authentication.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27642"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-27642",
        "trust": 4.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-22-518",
        "trust": 3.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-15854",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2022032410",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27642",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27642"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "id": "VAR-202203-1668",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3421560347368421
  },
  "last_update_date": "2024-08-14T13:42:55.887000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "NETGEAR has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
      },
      {
        "title": "NETGEAR R6700v3 Repair measures for information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=232028"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-863",
        "trust": 1.0
      },
      {
        "problemtype": "Illegal authentication (CWE-863) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327"
      },
      {
        "trust": 3.2,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-22-518/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27642"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-27642/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/863.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27642"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27642"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-03-23T00:00:00",
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "date": "2023-03-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-27642"
      },
      {
        "date": "2023-11-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "date": "2022-03-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      },
      {
        "date": "2023-03-29T19:15:08.407000",
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-03-23T00:00:00",
        "db": "ZDI",
        "id": "ZDI-22-518"
      },
      {
        "date": "2023-03-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-27642"
      },
      {
        "date": "2023-11-14T04:15:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      },
      {
        "date": "2023-04-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      },
      {
        "date": "2023-04-05T14:53:25.610000",
        "db": "NVD",
        "id": "CVE-2022-27642"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Incorrect authentication vulnerability in multiple Netgear products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-021793"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2054"
      }
    ],
    "trust": 0.6
  }
}

var-202203-1671
Vulnerability from variot

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874. cax80 firmware, LAX20 firmware, MR60 For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website

To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1671",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "lax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.34"
      },
      {
        "model": "r6700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.126"
      },
      {
        "model": "rax42",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r6400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.126"
      },
      {
        "model": "rax50s",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax48",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r6400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.1.78"
      },
      {
        "model": "r7960p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.3.88"
      },
      {
        "model": "r8000p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.3.88"
      },
      {
        "model": "r7100lg",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.0.76"
      },
      {
        "model": "rax75",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.138"
      },
      {
        "model": "mr80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.14"
      },
      {
        "model": "ms80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.14"
      },
      {
        "model": "mr60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.124"
      },
      {
        "model": "rax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.138"
      },
      {
        "model": "r7850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.5.84"
      },
      {
        "model": "rax40",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rs400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.5.1.86"
      },
      {
        "model": "r8500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.2.158"
      },
      {
        "model": "rax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "ms60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.124"
      },
      {
        "model": "r7000p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.3.3.148"
      },
      {
        "model": "rax38",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "r7000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.11.134"
      },
      {
        "model": "r7900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.3.88"
      },
      {
        "model": "r6900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.3.3.148"
      },
      {
        "model": "rax43",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "cax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "2.1.3.7"
      },
      {
        "model": "r8000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.84"
      },
      {
        "model": "rax50",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax15",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.138"
      },
      {
        "model": "rax35",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "rax45",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.10.110"
      },
      {
        "model": "mr60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "cax80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "ms80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "mr80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r8500",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6400",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7000",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r8000",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7900p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r8000p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "ms60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6900p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "lax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7960p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6700",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "rax15",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7850",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r7000p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6700v3",
        "scope": null,
        "trust": 0.7,
        "vendor": "netgear",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Bugscale team",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      }
    ],
    "trust": 1.3
  },
  "cve": "CVE-2022-27647",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "zdi-disclosures@trendmicro.com",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.1,
            "id": "CVE-2022-27647",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.1,
            "id": "CVE-2022-27647",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.1,
            "id": "CVE-2022-27647",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "zdi-disclosures@trendmicro.com",
            "id": "CVE-2022-27647",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-27647",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-27647",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2022-27647",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202203-2064",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874. cax80 firmware, LAX20 firmware, MR60 For multiple Netgear products such as firmware, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27647"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-27647",
        "trust": 4.0
      },
      {
        "db": "ZDI",
        "id": "ZDI-22-524",
        "trust": 3.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-15874",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2022032410",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27647",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "id": "VAR-202203-1671",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3421560347368421
  },
  "last_update_date": "2024-08-14T13:42:56.011000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "NETGEAR has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
      },
      {
        "title": "NETGEAR R6700v3 Fixes for operating system command injection vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=231217"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.0
      },
      {
        "problemtype": "OS Command injection (CWE-78) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "https://kb.netgear.com/000064723/security-advisory-for-multiple-vulnerabilities-on-multiple-products-psv-2021-0327"
      },
      {
        "trust": 3.2,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-22-524/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27647"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-27647/"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022032410"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/78.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-27647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-03-23T00:00:00",
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "date": "2023-03-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-27647"
      },
      {
        "date": "2023-11-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "date": "2022-03-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      },
      {
        "date": "2023-03-29T19:15:08.773000",
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-03-23T00:00:00",
        "db": "ZDI",
        "id": "ZDI-22-524"
      },
      {
        "date": "2023-03-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-27647"
      },
      {
        "date": "2023-11-15T03:22:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      },
      {
        "date": "2023-04-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      },
      {
        "date": "2023-04-06T15:05:39.393000",
        "db": "NVD",
        "id": "CVE-2022-27647"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "in multiple NETGEAR products. \u00a0OS\u00a0 Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-022073"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202203-2064"
      }
    ],
    "trust": 0.6
  }
}

var-202112-2329
Vulnerability from variot

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, LAX20 prior to 1.1.6.28, MR60 prior to 1.0.6.116, MR80 prior to 1.1.2.20, MS60 prior to 1.0.6.116, MS80 prior to 1.1.2.20, MK62 prior to 1.0.6.116, MK83 prior to 1.1.2.20, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.106, R6700v3 prior to 1.0.4.106, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.126, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.74, R7900 prior to 1.0.4.46, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.74, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68

Show details on source website

To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2329",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "rbr750",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "mr60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.116"
      },
      {
        "model": "r6400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.1.70"
      },
      {
        "model": "ms60",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.116"
      },
      {
        "model": "r8000p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.2.84"
      },
      {
        "model": "rax15",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rax45",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "r6400v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.118"
      },
      {
        "model": "rbk752",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "mr80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.2.20"
      },
      {
        "model": "r7900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.2.84"
      },
      {
        "model": "eax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.0.58"
      },
      {
        "model": "rax43",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "eax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.1.68"
      },
      {
        "model": "r7850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.5.74"
      },
      {
        "model": "rbr850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "r7900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.46"
      },
      {
        "model": "rax80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.120"
      },
      {
        "model": "rs400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.5.1.80"
      },
      {
        "model": "r7000p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.3.3.140"
      },
      {
        "model": "rbs750",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "cbr40",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "2.5.0.24"
      },
      {
        "model": "ms80",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.2.20"
      },
      {
        "model": "cbr750",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "4.6.3.6"
      },
      {
        "model": "xr1000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.0.58"
      },
      {
        "model": "rbs850",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "mk83",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.2.20"
      },
      {
        "model": "rax50",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "lax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.1.6.28"
      },
      {
        "model": "rax40v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "r6700v3",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.118"
      },
      {
        "model": "r6900p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.3.3.140"
      },
      {
        "model": "r8000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.74"
      },
      {
        "model": "rax35v2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "rax200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.120"
      },
      {
        "model": "rbk852",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "3.2.17.12"
      },
      {
        "model": "xr300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.68"
      },
      {
        "model": "r7960p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.4.2.84"
      },
      {
        "model": "rax75",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.4.120"
      },
      {
        "model": "r7000",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.11.126"
      },
      {
        "model": "mk62",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.6.116"
      },
      {
        "model": "rax20",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "netgear",
        "version": "1.0.3.96"
      },
      {
        "model": "r6400v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "mr60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "eax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "cbr750",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "lax20",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "eax80",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "ms60",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6900p",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "cbr40",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      },
      {
        "model": "r6700v3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "cve": "CVE-2021-45620",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-45620",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-45620",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "cve@mitre.org",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2021-45620",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-45620",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-45620",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "cve@mitre.org",
            "id": "CVE-2021-45620",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-45620",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202112-2416",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-45620",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects CBR40 prior to 2.5.0.24, CBR750 prior to 4.6.3.6, EAX20 prior to 1.0.0.58, EAX80 prior to 1.0.1.68, LAX20 prior to 1.1.6.28, MR60 prior to 1.0.6.116, MR80 prior to 1.1.2.20, MS60 prior to 1.0.6.116, MS80 prior to 1.1.2.20, MK62 prior to 1.0.6.116, MK83 prior to 1.1.2.20, R6400 prior to 1.0.1.70, R6400v2 prior to 1.0.4.106, R6700v3 prior to 1.0.4.106, R6900P prior to 1.3.3.140, R7000 prior to 1.0.11.126, R7000P prior to 1.3.3.140, R7850 prior to 1.0.5.74, R7900 prior to 1.0.4.46, R7900P prior to 1.4.2.84, R7960P prior to 1.4.2.84, R8000 prior to 1.0.4.74, R8000P prior to 1.4.2.84, RAX15 prior to 1.0.3.96, RAX20 prior to 1.0.3.96, RAX200 prior to 1.0.4.120, RAX35v2 prior to 1.0.3.96, RAX40v2 prior to 1.0.3.96, RAX43 prior to 1.0.3.96, RAX45 prior to 1.0.3.96, RAX50 prior to 1.0.3.96, RAX75 prior to 1.0.4.120, RAX80 prior to 1.0.4.120, RBK752 prior to 3.2.17.12, RBK852 prior to 3.2.17.12, RBR750 prior to 3.2.17.12, RBR850 prior to 3.2.17.12, RBS750 prior to 3.2.17.12, RBS850 prior to 3.2.17.12, RS400 prior to 1.5.1.80, XR1000 prior to 1.0.0.58, and XR300 prior to 1.0.3.68",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-45620"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-45620",
        "trust": 3.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-45620",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "id": "VAR-202112-2329",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3053594013333333
  },
  "last_update_date": "2024-11-23T22:44:07.277000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Security\u00a0Advisory\u00a0for\u00a0Pre-Authentication\u00a0Command\u00a0Injection\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0509",
        "trust": 0.8,
        "url": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509"
      },
      {
        "title": "Netgear RBR750  and NETGEAR Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=176395"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-77",
        "trust": 1.0
      },
      {
        "problemtype": "Command injection (CWE-77) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://kb.netgear.com/000064510/security-advisory-for-pre-authentication-command-injection-on-some-routers-extenders-and-wifi-systems-psv-2020-0509"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45620"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/77.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2021-45620"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-12-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-45620"
      },
      {
        "date": "2023-01-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "date": "2021-12-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      },
      {
        "date": "2021-12-26T01:15:18.703000",
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-01-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-45620"
      },
      {
        "date": "2023-01-25T02:07:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      },
      {
        "date": "2022-01-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      },
      {
        "date": "2024-11-21T06:32:41.723000",
        "db": "NVD",
        "id": "CVE-2021-45620"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0NETGEAR\u00a0 Command injection vulnerability in device",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-017546"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "command injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202112-2416"
      }
    ],
    "trust": 0.6
  }
}

Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.
References
cve@mitre.orghttps://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508Vendor Advisory
Impacted products
Vendor Product Version
netgear cbr40_firmware *
netgear cbr40 -
netgear cbr750_firmware *
netgear cbr750 -
netgear d7000v2_firmware *
netgear d7000v2 -
netgear lax20_firmware *
netgear lax20 -
netgear mk62_firmware *
netgear mk62 -
netgear mr60_firmware *
netgear mr60 -
netgear ms60_firmware *
netgear ms60 -
netgear rax15_firmware *
netgear rax15 -
netgear rax20_firmware *
netgear rax20 -
netgear rax200_firmware *
netgear rax200 -
netgear rax35v2_firmware *
netgear rax35v2 -
netgear rax40v2_firmware *
netgear rax40v2 -
netgear rax43_firmware *
netgear rax43 -
netgear rax45_firmware *
netgear rax45 -
netgear rax50_firmware *
netgear rax50 -
netgear rax75_firmware *
netgear rax75 -
netgear rax80_firmware *
netgear rax80 -
netgear rbk752_firmware *
netgear rbk752 -
netgear rbk852_firmware *
netgear rbk852 -
netgear rbr750_firmware *
netgear rbr750 -
netgear rbr850_firmware *
netgear rbr850 -
netgear rbs750_firmware *
netgear rbs750 -
netgear rbs850_firmware *
netgear rbs850 -
netgear xr1000_firmware *
netgear xr1000 -
netgear mr80_firmware *
netgear mr80 -
netgear ms80_firmware *
netgear ms80 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7483E92A-5858-49B5-9499-E132941F5ACD",
              "versionEndExcluding": "2.5.0.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C",
              "versionEndExcluding": "4.6.3.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD14EFC-C6EF-485B-A594-73B8525704A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D1C234-22F1-4837-9D04-059170A97072",
              "versionEndExcluding": "1.0.0.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48709EA4-81F3-4CF1-B9A8-5379309914B0",
              "versionEndExcluding": "1.1.6.28",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE40C2D0-0863-4E0F-B3E7-6FD043B46467",
              "versionEndExcluding": "1.0.6.116",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79475-37BE-47BD-A629-DCEF22500B0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA438541-75AE-4D6B-AB56-02760D08D465",
              "versionEndExcluding": "1.0.6.116",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2234C485-F411-48CC-9A0B-AA49B6961E38",
              "versionEndExcluding": "1.0.6.116",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2268D5EF-E7FA-4112-A468-507417E18FFF",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31289572-2197-4A38-8353-CA4AAD491160",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6334DE4D-E78B-4582-9C6F-6123DA5192C7",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "841D857C-3387-43E0-A3AF-0E81CBEE3E40",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9358B2F2-D24E-434D-AEE5-6CE093598793",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC89EAA-344C-438E-A5A5-2C34CF699743",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0706367A-3F60-4564-8689-E0A46DDC31C2",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679C4EC5-D17E-469B-A28F-BF5E231CED3D",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A45832BD-114D-42F1-B9F1-7532496D30A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "845C1FCC-F54B-452A-B121-1CD1A7867027",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14F257FE-31CE-4F74-829D-29407D74ADF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E0EF50-145F-407A-8915-4EFFCD833505",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D92E4C8E-222A-476C-8273-F7171FC61F0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DC5A075-0619-409C-B057-41015B8C54B3",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "221CA950-E984-44CD-9E1B-3AADE3CEBE52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F615F516-29EF-4C15-9E18-C5D4F6291A38",
              "versionEndExcluding": "1.0.0.58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29757651-068E-4646-AAD8-2CF8FD08B34C",
              "versionEndExcluding": "1.1.2.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A086E76-3F23-4C21-AC96-F11372A8A186",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1582E16D-ACEE-4E33-9D52-9DD25C035EA8",
              "versionEndExcluding": "1.1.2.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58."
    },
    {
      "lang": "es",
      "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, D7000v2 versiones anteriores a 1.0.0.74, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6. 116, MS60 versiones anteriores a 1.0.6.116, MR80 versiones anteriores a 1.1.2.20, MS80 versiones anteriores a 1.1.2.20, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX45 versiones anteriores a 1.0.3. 96, RAX50 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX35v2 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3. 2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, y XR1000 versiones anteriores a 1.0.0.58"
    }
  ],
  "id": "CVE-2021-45613",
  "lastModified": "2024-11-21T06:32:40.303",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.6,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-26T01:15:18.383",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
cve@mitre.orghttps://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509Vendor Advisory
Impacted products
Vendor Product Version
netgear cbr40_firmware *
netgear cbr40 -
netgear cbr750_firmware *
netgear cbr750 -
netgear eax20_firmware *
netgear eax20 -
netgear eax80_firmware *
netgear eax80 -
netgear lax20_firmware *
netgear lax20 -
netgear mr60_firmware *
netgear mr60 -
netgear ms60_firmware *
netgear ms60 -
netgear r6400v2_firmware *
netgear r6400v2 -
netgear r6700v3_firmware *
netgear r6700v3 -
netgear r6900p_firmware *
netgear r6900p -
netgear r7000_firmware *
netgear r7000 -
netgear r7000p_firmware *
netgear r7000p -
netgear r7850_firmware *
netgear r7850 -
netgear r7900_firmware *
netgear r7900 -
netgear r7900p_firmware *
netgear r7900p -
netgear r7960p_firmware *
netgear r7960p -
netgear r8000_firmware *
netgear r8000 -
netgear r8000p_firmware *
netgear r8000p -
netgear rax15_firmware *
netgear rax15 -
netgear rax20_firmware *
netgear rax20 -
netgear rax200_firmware *
netgear rax200 -
netgear rax35v2_firmware *
netgear rax35v2 -
netgear rax40v2_firmware *
netgear rax40v2 -
netgear rax43_firmware *
netgear rax43 -
netgear rax45_firmware *
netgear rax45 -
netgear rax50_firmware *
netgear rax50 -
netgear rax75_firmware *
netgear rax75 -
netgear rax80_firmware *
netgear rax80 -
netgear rbk752_firmware *
netgear rbk752 -
netgear rbk852_firmware *
netgear rbk852 -
netgear rbr750_firmware *
netgear rbr750 -
netgear rbr850_firmware *
netgear rbr850 -
netgear rbs750_firmware *
netgear rbs750 -
netgear rbs850_firmware *
netgear rbs850 -
netgear rs400_firmware *
netgear rs400 -
netgear xr1000_firmware *
netgear xr1000 -
netgear xr300_firmware *
netgear xr300 -
netgear r6400_firmware *
netgear r6400 -
netgear mk62_firmware *
netgear mk62 -
netgear mr80_firmware *
netgear mr80 -
netgear ms80_firmware *
netgear ms80 -
netgear mk83_firmware *
netgear mk83 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7483E92A-5858-49B5-9499-E132941F5ACD",
              "versionEndExcluding": "2.5.0.24",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C",
              "versionEndExcluding": "4.6.3.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD14EFC-C6EF-485B-A594-73B8525704A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA48F47-FC18-4953-BA90-1F4F3695A2BE",
              "versionEndExcluding": "1.0.0.58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D3B54B-33C0-4E50-AD2B-2097C612F288",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC9EE9DE-DD58-46A9-87FB-D284EBE0ACC1",
              "versionEndExcluding": "1.0.1.68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97740F5D-063E-424F-A0FE-09EBE1100975",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48709EA4-81F3-4CF1-B9A8-5379309914B0",
              "versionEndExcluding": "1.1.6.28",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA438541-75AE-4D6B-AB56-02760D08D465",
              "versionEndExcluding": "1.0.6.116",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2234C485-F411-48CC-9A0B-AA49B6961E38",
              "versionEndExcluding": "1.0.6.116",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0095B9D4-E161-4050-B283-2166CB86CB24",
              "versionEndExcluding": "1.0.4.118",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0702F9B6-2DAC-4308-8737-9F85AD28E847",
              "versionEndExcluding": "1.0.4.118",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88DA385-5FAE-49EC-80D6-78F81E7EEC16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94795476-184B-4E7D-9D8B-ECB45609108E",
              "versionEndExcluding": "1.3.3.140",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E06EFF-9D71-43DB-A304-9A41998FD68A",
              "versionEndExcluding": "1.0.11.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD",
              "versionEndExcluding": "1.3.3.140",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8491F80C-E57A-4862-B969-F43799A47D06",
              "versionEndExcluding": "1.0.5.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4195BC65-A849-4C3A-B726-E013CEB57F32",
              "versionEndExcluding": "1.0.4.46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA344C08-94F1-47F8-9607-3D854B890E19",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B2293C-09AD-4B5A-B2A0-923E2B9923AA",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A662FDCF-DC41-4DC9-B77E-BE1D636AC0B3",
              "versionEndExcluding": "1.0.4.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4905D866-2326-487F-AAA5-96ABA0DBD56E",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2268D5EF-E7FA-4112-A468-507417E18FFF",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31289572-2197-4A38-8353-CA4AAD491160",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6334DE4D-E78B-4582-9C6F-6123DA5192C7",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "841D857C-3387-43E0-A3AF-0E81CBEE3E40",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9358B2F2-D24E-434D-AEE5-6CE093598793",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC89EAA-344C-438E-A5A5-2C34CF699743",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0706367A-3F60-4564-8689-E0A46DDC31C2",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679C4EC5-D17E-469B-A28F-BF5E231CED3D",
              "versionEndExcluding": "1.0.3.96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A45832BD-114D-42F1-B9F1-7532496D30A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "845C1FCC-F54B-452A-B121-1CD1A7867027",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14F257FE-31CE-4F74-829D-29407D74ADF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E0EF50-145F-407A-8915-4EFFCD833505",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D92E4C8E-222A-476C-8273-F7171FC61F0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DC5A075-0619-409C-B057-41015B8C54B3",
              "versionEndExcluding": "3.2.17.12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "221CA950-E984-44CD-9E1B-3AADE3CEBE52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A",
              "versionEndExcluding": "1.5.1.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F615F516-29EF-4C15-9E18-C5D4F6291A38",
              "versionEndExcluding": "1.0.0.58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE70236-D1C6-4B58-8385-1FA5F71916AF",
              "versionEndExcluding": "1.0.3.68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA1BB56F-20B5-4A79-AE9D-429A011EAA4C",
              "versionEndExcluding": "1.0.1.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE40C2D0-0863-4E0F-B3E7-6FD043B46467",
              "versionEndExcluding": "1.0.6.116",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79475-37BE-47BD-A629-DCEF22500B0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29757651-068E-4646-AAD8-2CF8FD08B34C",
              "versionEndExcluding": "1.1.2.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A086E76-3F23-4C21-AC96-F11372A8A186",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1582E16D-ACEE-4E33-9D52-9DD25C035EA8",
              "versionEndExcluding": "1.1.2.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mk83_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6934383-3E7A-46A5-8147-16C595604ADA",
              "versionEndExcluding": "1.1.2.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mk83:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C6C7ABC-87BF-4F20-8DAF-D9B9ACA4A273",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68."
    },
    {
      "lang": "es",
      "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, EAX20 versiones anteriores a 1.0.0.58, EAX80 versiones anteriores a 1.0.1.68, LAX20 versiones anteriores a 1.1.6.28, MR60 versiones anteriores a 1.0.6.116, MR80 versiones anteriores a 1.1.2.20, MS60 versiones anteriores a 1.0.6.116, MS80 versiones anteriores a 1.1.2.20, MK62 versiones anteriores a 1.0.6.116, MK83 versiones anteriores a 1. 1.2.20, R6400 versiones anteriores a 1.0.1.70, R6400v2 versiones anteriores a 1.0.4.106, R6700v3 versiones anteriores a 1.0.4.106, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1. 0.11.126, R7000P versiones anteriores a 1.3.3.140, R7850 versiones anteriores a 1.0.5.74, R7900 versiones anteriores a 1.0.4.46, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2. 84, R8000 versiones anteriores a 1.0.4.74, R8000P versiones anteriores a 1.4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4. 120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1. 0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17. 12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80, XR1000 versiones anteriores a 1.0.0.58 y XR300 versiones anteriores a 1.0.3.68"
    }
  ],
  "id": "CVE-2021-45620",
  "lastModified": "2024-11-21T06:32:41.723",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.6,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-26T01:15:18.703",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-05-07 23:15
Modified
2025-08-14 01:40
Severity ?
6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708.
References
zdi-disclosures@trendmicro.comhttps://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159Vendor Advisory
zdi-disclosures@trendmicro.comhttps://www.zerodayinitiative.com/advisories/ZDI-21-1275/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-21-1275/Third Party Advisory
Impacted products
Vendor Product Version
netgear xr1000_firmware *
netgear xr1000 -
netgear xr300_firmware *
netgear xr300 -
netgear d6220_firmware *
netgear d6220 -
netgear d6400_firmware *
netgear d6400 -
netgear d7000v2_firmware *
netgear d7000v2 -
netgear dgn2200v4_firmware *
netgear dgn2200v4 -
netgear v6510-1fxaus_firmware *
netgear v6510-1fxaus -
netgear dc112a_firmware *
netgear dc112a -
netgear ex3700_firmware *
netgear ex3700 -
netgear ex3800_firmware *
netgear ex3800 -
netgear ex6120_firmware *
netgear ex6120 -
netgear ex6130_firmware *
netgear ex6130 -
netgear ex7000_firmware *
netgear ex7000 -
netgear ex7500_firmware *
netgear ex7500 -
netgear mr60_firmware *
netgear mr60 -
netgear mr80_firmware *
netgear mr80 -
netgear ms60_firmware *
netgear ms60 -
netgear ms80_firmware *
netgear ms80 -
netgear lax20_firmware *
netgear lax20 -
netgear r6400_firmware *
netgear r6400 -
netgear r6400v2_firmware *
netgear r6400v2 -
netgear r6700v3_firmware *
netgear r6700v3 -
netgear r6900p_firmware *
netgear r6900p -
netgear r7000_firmware *
netgear r7000 -
netgear r7000p_firmware *
netgear r7000p -
netgear r7100lg_firmware *
netgear r7100lg -
netgear r7850_firmware *
netgear r7850 -
netgear r7900p_firmware *
netgear r7900p -
netgear r7960p_firmware *
netgear r7960p -
netgear r8000_firmware *
netgear r8000 -
netgear r8000p_firmware *
netgear r8000p -
netgear r8300_firmware *
netgear r8300 -
netgear r8500_firmware *
netgear r8500 -
netgear rax15_firmware *
netgear rax15 -
netgear rax20_firmware *
netgear rax20 -
netgear rax200_firmware *
netgear rax200 -
netgear rax35v2_firmware *
netgear rax35v2 -
netgear rax38v2_firmware *
netgear rax38v2 -
netgear rax40v2_firmware *
netgear rax40v2 -
netgear rax42_firmware *
netgear rax42 -
netgear rax43_firmware *
netgear rax43 -
netgear rax45_firmware *
netgear rax45 -
netgear rax48_firmware *
netgear rax48 -
netgear rax50_firmware *
netgear rax50 -
netgear rax50s_firmware *
netgear rax50s -
netgear rax75_firmware *
netgear rax75 -
netgear rax80_firmware *
netgear rax80 -
netgear raxe450_firmware *
netgear raxe450 -
netgear raxe500_firmware *
netgear raxe500 -
netgear rs400_firmware *
netgear rs400 -
netgear wndr3400v3_firmware *
netgear wndr3400v3 -
netgear wnr3500lv2_firmware *
netgear wnr3500lv2 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53E84D2-5378-405C-8D98-2DB746048FC5",
              "versionEndExcluding": "1.0.0.64",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE70236-D1C6-4B58-8385-1FA5F71916AF",
              "versionEndExcluding": "1.0.3.68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD93F750-1D77-4E8F-86EB-581C0102474B",
              "versionEndExcluding": "1.0.0.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "204E3FEE-153C-46A8-8651-8CF90A37F04D",
              "versionEndExcluding": "1.0.0.108",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F21298B-8FEA-4E17-BF38-65F247D6271C",
              "versionEndExcluding": "1.0.0.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDEBC41-D9AA-4822-AC01-CFA4B24A08A6",
              "versionEndExcluding": "1.0.0.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE59214-C8A1-4337-A54C-E4E8C149B241",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:v6510-1fxaus_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10C3B249-3491-4F4F-9D0C-758AFDFB3416",
              "versionEndExcluding": "1.0.0.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:v6510-1fxaus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "537F4FAF-40FF-4858-8072-AC5B5A193ABC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ECB05-E606-439C-9B67-DB5042FCD50E",
              "versionEndExcluding": "1.0.0.62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A65EE9FC-A015-4D92-8DA3-40C8594D843D",
              "versionEndExcluding": "1.0.0.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED72FFCA-F5A8-480D-8A29-C14FFC490B33",
              "versionEndExcluding": "1.0.0.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ECBE89E-3C81-470A-80C0-F742D7ABC66D",
              "versionEndExcluding": "1.0.0.66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D32948E-0E3F-4F1E-9BF8-AA159659B248",
              "versionEndExcluding": "1.0.0.46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D1A25A-22F9-49BF-8335-61EC6D0D1951",
              "versionEndExcluding": "1.0.1.106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAFA0844-677F-4753-9289-DFEB4B59D689",
              "versionEndExcluding": "1.0.1.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44336289-F9DA-4779-8C1A-0221E29E2E2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F6E7187-B191-473D-9E9D-0990447AB8C6",
              "versionEndExcluding": "1.1.6.122",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FDB0ED7-C249-4B35-B8E5-A0AE2BE311E0",
              "versionEndExcluding": "1.1.6.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A086E76-3F23-4C21-AC96-F11372A8A186",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "476B2ED6-D7C9-4B84-BCD0-9C98B80A5F53",
              "versionEndExcluding": "1.1.6.122",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "759DA00A-1088-453C-94C6-5037E04CD81A",
              "versionEndExcluding": "1.1.6.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02824FC-0D56-4422-A5D5-4944BA2FA897",
              "versionEndExcluding": "1.1.6.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7F4455-0A09-49B7-A117-1834F20B9FD1",
              "versionEndExcluding": "1.0.1.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58DA0D12-4A91-4063-94C1-5154669BE6D5",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEB4D53-DD21-4145-B802-3ECC00998CC4",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88DA385-5FAE-49EC-80D6-78F81E7EEC16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E52E9373-C896-405F-9CEC-2E8707B249F5",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "047F5F65-909C-4151-A8DF-B3DD7CDEEDEF",
              "versionEndExcluding": "1.0.11.128",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D67D8C3-98DA-4B7D-BA7D-AB5F13E627F9",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F445F83B-1CFC-41E9-9446-72E1FCE5A222",
              "versionEndExcluding": "1.0.0.72",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17FF56D6-F2B4-406A-AFFE-B9502E22FFDE",
              "versionEndExcluding": "1.0.5.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA344C08-94F1-47F8-9607-3D854B890E19",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B2293C-09AD-4B5A-B2A0-923E2B9923AA",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83ECB19-F32A-4413-8B51-3B871F1C2610",
              "versionEndExcluding": "1.0.4.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4905D866-2326-487F-AAA5-96ABA0DBD56E",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB34F838-B338-41CC-9EC8-4712C4CF84AE",
              "versionEndExcluding": "1.0.2.156",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D6D75-ADD4-4D61-A54A-4DA0FE9722B9",
              "versionEndExcluding": "1.0.2.156",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5268F-C2DA-4323-A71A-784DAB080D64",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4936DA57-0FEF-4BD1-8075-7DBB144D6C51",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1071E817-2865-4D9A-BAD6-36CDCC86A2D3",
              "versionEndExcluding": "1.0.5.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8EBFE8-A19D-4095-902D-E3DE5FE9B152",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9358B2F2-D24E-434D-AEE5-6CE093598793",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax38v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "622B679D-8F20-40A2-B8CB-054FCB13DC8E",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax38v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE59D8F1-1883-4C96-8099-AA6B362A8D2B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7252E5-A12A-49E7-BFF5-2974FBC876F0",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6786B925-498E-458D-94F4-83F337DE469C",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83182AB-E726-4371-B092-FA1920408FED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3128D842-33C1-453A-B4BF-F383F7C7A924",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDFCA49-7EF9-413B-A7CA-7D51CA7D12CB",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BF9561-75D1-4B7A-ABE3-871D6C647978",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E50F2A-C46C-4875-84AB-04AA00BFA53F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D36A7666-610A-4C67-AD7D-C4473CC35994",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F6B59EE-5B90-4139-8306-B50846BB1EC6",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBB69710-DA7E-4011-A61A-BA40462A041F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6065375D-CB51-403B-B6CD-BBBA53685E08",
              "versionEndExcluding": "1.0.5.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "324447B4-A3B2-41C7-A003-F7A09C66ACD2",
              "versionEndExcluding": "1.0.5.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24003AB5-CFB9-4A28-BDBE-2800B5222865",
              "versionEndExcluding": "1.0.8.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D7EC2C-E443-4749-854E-5BC057CA6B06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018EFBF6-9AE3-4361-B8E2-A0A4B668295F",
              "versionEndExcluding": "1.0.8.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D23ADF0-05B4-4163-9666-3F470FB19E01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A",
              "versionEndExcluding": "1.5.1.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "836591C8-6B93-4C41-808D-9FF4080A5F51",
              "versionEndExcluding": "1.0.1.42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3EC77D7-D5B5-48A4-ACF9-7919A7254A31",
              "versionEndExcluding": "1.2.0.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3F6D58-D900-41B4-8626-58928866208A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708."
    },
    {
      "lang": "es",
      "value": "Falta autenticaci\u00f3n httpd de varios enrutadores de NETGEAR para vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de funciones cr\u00edticas. Esta vulnerabilidad permite a atacantes adyacentes a la red revelar informaci\u00f3n confidencial sobre instalaciones afectadas de m\u00faltiples enrutadores NETGEAR. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio httpd, que escucha en el puerto TCP 80 de forma predeterminada. El problema se debe a la falta de autenticaci\u00f3n antes de permitir el acceso a la informaci\u00f3n de configuraci\u00f3n del sistema. Un atacante puede aprovechar esta vulnerabilidad para revelar las credenciales almacenadas, lo que provocar\u00eda un mayor compromiso. Era ZDI-CAN-13708."
    }
  ],
  "id": "CVE-2021-34983",
  "lastModified": "2025-08-14T01:40:56.983",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "zdi-disclosures@trendmicro.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-07T23:15:13.573",
  "references": [
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
    },
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1275/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1275/"
    }
  ],
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "zdi-disclosures@trendmicro.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 06:56
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854.
References
zdi-disclosures@trendmicro.comhttps://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327Vendor Advisory
zdi-disclosures@trendmicro.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-518/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-518/Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
netgear cax80_firmware *
netgear cax80 -
netgear lax20_firmware *
netgear lax20 -
netgear mr60_firmware *
netgear mr60 -
netgear mr80_firmware *
netgear mr80 -
netgear ms60_firmware *
netgear ms60 -
netgear ms80_firmware *
netgear ms80 -
netgear r6400_firmware *
netgear r6400 -
netgear r6400_firmware *
netgear r6400 v2
netgear r6700_firmware *
netgear r6700 v3
netgear r6900p_firmware *
netgear r6900p -
netgear r7000_firmware *
netgear r7000 -
netgear r7000p_firmware *
netgear r7000p -
netgear r7850_firmware *
netgear r7850 -
netgear r7900p_firmware *
netgear r7900p -
netgear r7960p_firmware *
netgear r7960p -
netgear r8000_firmware *
netgear r8000 -
netgear r8000p_firmware *
netgear r8000p -
netgear r8500_firmware *
netgear r8500 -
netgear rax15_firmware *
netgear rax15 -
netgear rax20_firmware *
netgear rax20 -
netgear rax200_firmware *
netgear rax200 -
netgear rax35_firmware *
netgear rax35 v2
netgear rax38_firmware *
netgear rax38 v2
netgear rax40_firmware *
netgear rax40 v2
netgear rax42_firmware *
netgear rax42 -
netgear rax43_firmware *
netgear rax43 -
netgear rax45_firmware *
netgear rax45 -
netgear rax48_firmware *
netgear rax48 -
netgear rax50_firmware *
netgear rax50 -
netgear rax50s_firmware *
netgear rax50s -
netgear rax75_firmware *
netgear rax75 -
netgear rax80_firmware *
netgear rax80 -
netgear rs400_firmware *
netgear rs400 -
netgear r7100lg_firmware *
netgear r7100lg -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:cax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7BD19F-A89B-4941-9422-E4FFBD76DBD2",
              "versionEndExcluding": "2.1.3.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "673A83EA-E359-4629-8B20-5382C15260B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF0F2B55-DBD3-4762-92EA-A01D57277A9D",
              "versionEndExcluding": "1.1.6.34",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A72582A2-5A44-4ED5-8497-FCAB59A125BE",
              "versionEndExcluding": "1.1.6.124",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DC64FD2-5D52-4BA2-8A5B-8AC11BE06243",
              "versionEndExcluding": "1.1.6.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A086E76-3F23-4C21-AC96-F11372A8A186",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F50C923-68DC-48EB-A41B-0D3F99B16E1F",
              "versionEndExcluding": "1.1.6.124",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E44445-7F76-4CD6-91AC-CEBC46DFA587",
              "versionEndExcluding": "1.1.6.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A41218DC-3A06-4582-A8B8-0320F76F3DFC",
              "versionEndExcluding": "1.0.1.78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC79CFE-9036-472C-AB28-FF293BBE1780",
              "versionEndExcluding": "1.0.4.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E2D0D-7D18-4AF1-8683-346BD1069DC1",
              "versionEndExcluding": "1.0.4.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E52E9373-C896-405F-9CEC-2E8707B249F5",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376DD03-0DDD-4B0C-A185-EC226515B32A",
              "versionEndExcluding": "1.0.11.134",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D67D8C3-98DA-4B7D-BA7D-AB5F13E627F9",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA99A24-E836-40F4-BF61-C4489E3713F0",
              "versionEndExcluding": "1.0.5.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD3DCC5-342C-4E66-8BFB-545C2D375A81",
              "versionEndExcluding": "1.4.3.88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "150CF98F-A933-4CF2-A4FF-5AF15A9E1E18",
              "versionEndExcluding": "1.4.3.88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72325BC2-C9AC-4B24-865E-662BDF05BD99",
              "versionEndExcluding": "1.0.4.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "994D00CD-350B-4059-9C51-BF843C72B45E",
              "versionEndExcluding": "1.4.3.88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EE6DCC3-C225-45A3-A6D0-52BA730EC285",
              "versionEndExcluding": "1.0.2.158",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D60F61B-2487-46D7-8B93-4035147AA0AB",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AE4A8C-19CF-44B0-83F1-F3386305B3E3",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C706F152-6163-4276-B608-C4AF196E070F",
              "versionEndExcluding": "1.0.6.138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8ED09D-C874-45EB-AD84-1DB0129C55EC",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax35:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "972BB714-8869-42C6-95F6-2C15AFA65716",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax38_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C7B1AC-0329-48A9-87AD-596C0EC7B3C6",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax38:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8306FEBE-ED60-47F0-AB49-E629018D7C33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DAEBC1-A1A3-4329-AD32-D41E6576A9DA",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax40:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5F8B3F-C0D0-496C-A235-A467EA578C28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "756EAEA3-3DC5-4F2F-8C92-29C12FCEAE2C",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83182AB-E726-4371-B092-FA1920408FED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28B1B071-C0AD-46AA-8B3D-AF32D71E088C",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97147D06-DBE4-420F-AF06-604C74710080",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F540D5F-F4F5-47B1-B76F-C18004395596",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E50F2A-C46C-4875-84AB-04AA00BFA53F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E1737CE-683A-4A8D-9DDC-9BCF1822ABCF",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F282A9F3-E07C-44EB-A21A-462A3DEDAB39",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBB69710-DA7E-4011-A61A-BA40462A041F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E301ACAC-E217-4329-8A32-83946E61999E",
              "versionEndExcluding": "1.0.6.138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8028906-D5AB-4CE6-8431-844E6F98B9AD",
              "versionEndExcluding": "1.0.6.138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC7E8C9-62BD-45E2-8A7A-D29A6150622A",
              "versionEndExcluding": "1.5.1.86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98293B5-C804-4ED5-8344-12AA02E933CB",
              "versionEndExcluding": "1.0.0.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-15854."
    }
  ],
  "id": "CVE-2022-27642",
  "lastModified": "2024-11-21T06:56:04.887",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4,
        "source": "zdi-disclosures@trendmicro.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-29T19:15:08.407",
  "references": [
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
    },
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-518/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-518/"
    }
  ],
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "zdi-disclosures@trendmicro.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-29 19:15
Modified
2024-11-21 06:56
Severity ?
8.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874.
References
zdi-disclosures@trendmicro.comhttps://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327Vendor Advisory
zdi-disclosures@trendmicro.comhttps://www.zerodayinitiative.com/advisories/ZDI-22-524/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-22-524/Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
netgear cax80_firmware *
netgear cax80 -
netgear lax20_firmware *
netgear lax20 -
netgear mr60_firmware *
netgear mr60 -
netgear mr80_firmware *
netgear mr80 -
netgear ms60_firmware *
netgear ms60 -
netgear ms80_firmware *
netgear ms80 -
netgear r6400_firmware *
netgear r6400 -
netgear r6400_firmware *
netgear r6400 v2
netgear r6700_firmware *
netgear r6700 v3
netgear r6900p_firmware *
netgear r6900p -
netgear r7000_firmware *
netgear r7000 -
netgear r7000p_firmware *
netgear r7000p -
netgear r7850_firmware *
netgear r7850 -
netgear r7900p_firmware *
netgear r7900p -
netgear r7960p_firmware *
netgear r7960p -
netgear r8000_firmware *
netgear r8000 -
netgear r8000p_firmware *
netgear r8000p -
netgear r8500_firmware *
netgear r8500 -
netgear rax15_firmware *
netgear rax15 -
netgear rax20_firmware *
netgear rax20 -
netgear rax200_firmware *
netgear rax200 -
netgear rax35_firmware *
netgear rax35 v2
netgear rax38_firmware *
netgear rax38 v2
netgear rax40_firmware *
netgear rax40 v2
netgear rax42_firmware *
netgear rax42 -
netgear rax43_firmware *
netgear rax43 -
netgear rax45_firmware *
netgear rax45 -
netgear rax48_firmware *
netgear rax48 -
netgear rax50_firmware *
netgear rax50 -
netgear rax50s_firmware *
netgear rax50s -
netgear rax75_firmware *
netgear rax75 -
netgear rax80_firmware *
netgear rax80 -
netgear rs400_firmware *
netgear rs400 -
netgear r7100lg_firmware *
netgear r7100lg -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:cax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7BD19F-A89B-4941-9422-E4FFBD76DBD2",
              "versionEndExcluding": "2.1.3.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:cax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "673A83EA-E359-4629-8B20-5382C15260B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF0F2B55-DBD3-4762-92EA-A01D57277A9D",
              "versionEndExcluding": "1.1.6.34",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A72582A2-5A44-4ED5-8497-FCAB59A125BE",
              "versionEndExcluding": "1.1.6.124",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DC64FD2-5D52-4BA2-8A5B-8AC11BE06243",
              "versionEndExcluding": "1.1.6.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A086E76-3F23-4C21-AC96-F11372A8A186",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F50C923-68DC-48EB-A41B-0D3F99B16E1F",
              "versionEndExcluding": "1.1.6.124",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E44445-7F76-4CD6-91AC-CEBC46DFA587",
              "versionEndExcluding": "1.1.6.14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A41218DC-3A06-4582-A8B8-0320F76F3DFC",
              "versionEndExcluding": "1.0.1.78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC79CFE-9036-472C-AB28-FF293BBE1780",
              "versionEndExcluding": "1.0.4.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E2D0D-7D18-4AF1-8683-346BD1069DC1",
              "versionEndExcluding": "1.0.4.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E52E9373-C896-405F-9CEC-2E8707B249F5",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376DD03-0DDD-4B0C-A185-EC226515B32A",
              "versionEndExcluding": "1.0.11.134",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D67D8C3-98DA-4B7D-BA7D-AB5F13E627F9",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA99A24-E836-40F4-BF61-C4489E3713F0",
              "versionEndExcluding": "1.0.5.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD3DCC5-342C-4E66-8BFB-545C2D375A81",
              "versionEndExcluding": "1.4.3.88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "150CF98F-A933-4CF2-A4FF-5AF15A9E1E18",
              "versionEndExcluding": "1.4.3.88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72325BC2-C9AC-4B24-865E-662BDF05BD99",
              "versionEndExcluding": "1.0.4.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "994D00CD-350B-4059-9C51-BF843C72B45E",
              "versionEndExcluding": "1.4.3.88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EE6DCC3-C225-45A3-A6D0-52BA730EC285",
              "versionEndExcluding": "1.0.2.158",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D60F61B-2487-46D7-8B93-4035147AA0AB",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35AE4A8C-19CF-44B0-83F1-F3386305B3E3",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C706F152-6163-4276-B608-C4AF196E070F",
              "versionEndExcluding": "1.0.6.138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8ED09D-C874-45EB-AD84-1DB0129C55EC",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax35:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "972BB714-8869-42C6-95F6-2C15AFA65716",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax38_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C7B1AC-0329-48A9-87AD-596C0EC7B3C6",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax38:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8306FEBE-ED60-47F0-AB49-E629018D7C33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04DAEBC1-A1A3-4329-AD32-D41E6576A9DA",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax40:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5F8B3F-C0D0-496C-A235-A467EA578C28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "756EAEA3-3DC5-4F2F-8C92-29C12FCEAE2C",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83182AB-E726-4371-B092-FA1920408FED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28B1B071-C0AD-46AA-8B3D-AF32D71E088C",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97147D06-DBE4-420F-AF06-604C74710080",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F540D5F-F4F5-47B1-B76F-C18004395596",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E50F2A-C46C-4875-84AB-04AA00BFA53F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E1737CE-683A-4A8D-9DDC-9BCF1822ABCF",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F282A9F3-E07C-44EB-A21A-462A3DEDAB39",
              "versionEndExcluding": "1.0.10.110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBB69710-DA7E-4011-A61A-BA40462A041F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E301ACAC-E217-4329-8A32-83946E61999E",
              "versionEndExcluding": "1.0.6.138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8028906-D5AB-4CE6-8431-844E6F98B9AD",
              "versionEndExcluding": "1.0.6.138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC7E8C9-62BD-45E2-8A7A-D29A6150622A",
              "versionEndExcluding": "1.5.1.86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98293B5-C804-4ED5-8344-12AA02E933CB",
              "versionEndExcluding": "1.0.0.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the name or email field provided to libreadycloud.so. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15874."
    }
  ],
  "id": "CVE-2022-27647",
  "lastModified": "2024-11-21T06:56:05.650",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "zdi-disclosures@trendmicro.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-29T19:15:08.773",
  "references": [
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
    },
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-524/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-524/"
    }
  ],
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "zdi-disclosures@trendmicro.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-05-07 23:15
Modified
2025-08-14 01:41
Severity ?
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-13709.
References
zdi-disclosures@trendmicro.comhttps://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159Vendor Advisory
zdi-disclosures@trendmicro.comhttps://www.zerodayinitiative.com/advisories/ZDI-21-1274/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-21-1274/Third Party Advisory
Impacted products
Vendor Product Version
netgear dc112a_firmware *
netgear dc112a -
netgear ex3700_firmware *
netgear ex3700 -
netgear ex3800_firmware *
netgear ex3800 -
netgear ex6120_firmware *
netgear ex6120 -
netgear ex6130_firmware *
netgear ex6130 -
netgear ex7000_firmware *
netgear ex7000 -
netgear ex7500_firmware *
netgear ex7500 -
netgear mr60_firmware *
netgear mr60 -
netgear mr80_firmware *
netgear mr80 -
netgear ms60_firmware *
netgear ms60 -
netgear ms80_firmware *
netgear ms80 -
netgear lax20_firmware *
netgear lax20 -
netgear r6400_firmware *
netgear r6400 -
netgear r6400v2_firmware *
netgear r6400v2 -
netgear r6700v3_firmware *
netgear r6700v3 -
netgear r6900p_firmware *
netgear r6900p -
netgear r7000_firmware *
netgear r7000 -
netgear r7000p_firmware *
netgear r7000p -
netgear r7100lg_firmware *
netgear r7100lg -
netgear r7850_firmware *
netgear r7850 -
netgear r7900p_firmware *
netgear r7900p -
netgear r7960p_firmware *
netgear r7960p -
netgear r8000_firmware *
netgear r8000 -
netgear r8000p_firmware *
netgear r8000p -
netgear r8300_firmware *
netgear r8300 -
netgear r8500_firmware *
netgear r8500 -
netgear rax15_firmware *
netgear rax15 -
netgear rax20_firmware *
netgear rax20 -
netgear rax200_firmware *
netgear rax200 -
netgear rax35v2_firmware *
netgear rax35v2 -
netgear rax38v2_firmware *
netgear rax38v2 -
netgear rax40v2_firmware *
netgear rax40v2 -
netgear rax42_firmware *
netgear rax42 -
netgear rax43_firmware *
netgear rax43 -
netgear rax45_firmware *
netgear rax45 -
netgear rax48_firmware *
netgear rax48 -
netgear rax50_firmware *
netgear rax50 -
netgear rax50s_firmware *
netgear rax50s -
netgear rax75_firmware *
netgear rax75 -
netgear rax80_firmware *
netgear rax80 -
netgear raxe450_firmware *
netgear raxe450 -
netgear raxe500_firmware *
netgear raxe500 -
netgear rs400_firmware *
netgear rs400 -
netgear wndr3400v3_firmware *
netgear wndr3400v3 -
netgear wnr3500lv2_firmware *
netgear wnr3500lv2 -
netgear xr1000_firmware *
netgear xr1000 -
netgear xr300_firmware *
netgear xr300 -
netgear d6220_firmware *
netgear d6220 -
netgear d6400_firmware *
netgear d6400 -
netgear d7000v2_firmware *
netgear d7000v2 -
netgear dgn2200v4_firmware *
netgear dgn2200v4 -
netgear v6510-1fxaus_firmware *
netgear v6510-1fxaus -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B4ECB05-E606-439C-9B67-DB5042FCD50E",
              "versionEndExcluding": "1.0.0.62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87FFC46-137D-45B8-B437-F15565FB33D0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A65EE9FC-A015-4D92-8DA3-40C8594D843D",
              "versionEndExcluding": "1.0.0.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED72FFCA-F5A8-480D-8A29-C14FFC490B33",
              "versionEndExcluding": "1.0.0.94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ECBE89E-3C81-470A-80C0-F742D7ABC66D",
              "versionEndExcluding": "1.0.0.66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D32948E-0E3F-4F1E-9BF8-AA159659B248",
              "versionEndExcluding": "1.0.0.46",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2D1A25A-22F9-49BF-8335-61EC6D0D1951",
              "versionEndExcluding": "1.0.1.106",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F45B620-60B8-40F3-A055-181ADD71EFFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAFA0844-677F-4753-9289-DFEB4B59D689",
              "versionEndExcluding": "1.0.1.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44336289-F9DA-4779-8C1A-0221E29E2E2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F6E7187-B191-473D-9E9D-0990447AB8C6",
              "versionEndExcluding": "1.1.6.122",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FDB0ED7-C249-4B35-B8E5-A0AE2BE311E0",
              "versionEndExcluding": "1.1.6.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A086E76-3F23-4C21-AC96-F11372A8A186",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "476B2ED6-D7C9-4B84-BCD0-9C98B80A5F53",
              "versionEndExcluding": "1.1.6.122",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "759DA00A-1088-453C-94C6-5037E04CD81A",
              "versionEndExcluding": "1.1.6.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D02824FC-0D56-4422-A5D5-4944BA2FA897",
              "versionEndExcluding": "1.1.6.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "491CEB8D-22F3-4F86-96F0-03C5C58BA295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7F4455-0A09-49B7-A117-1834F20B9FD1",
              "versionEndExcluding": "1.0.1.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58DA0D12-4A91-4063-94C1-5154669BE6D5",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEB4D53-DD21-4145-B802-3ECC00998CC4",
              "versionEndExcluding": "1.0.4.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88DA385-5FAE-49EC-80D6-78F81E7EEC16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E52E9373-C896-405F-9CEC-2E8707B249F5",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "047F5F65-909C-4151-A8DF-B3DD7CDEEDEF",
              "versionEndExcluding": "1.0.11.128",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D67D8C3-98DA-4B7D-BA7D-AB5F13E627F9",
              "versionEndExcluding": "1.3.3.148",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F445F83B-1CFC-41E9-9446-72E1FCE5A222",
              "versionEndExcluding": "1.0.0.72",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "366FA778-3C2A-42AF-9141-DAD7043B406C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17FF56D6-F2B4-406A-AFFE-B9502E22FFDE",
              "versionEndExcluding": "1.0.5.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA344C08-94F1-47F8-9607-3D854B890E19",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B2293C-09AD-4B5A-B2A0-923E2B9923AA",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "091CEDB5-0069-4253-86D8-B9FE17CB9F24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83ECB19-F32A-4413-8B51-3B871F1C2610",
              "versionEndExcluding": "1.0.4.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4905D866-2326-487F-AAA5-96ABA0DBD56E",
              "versionEndExcluding": "1.4.2.84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB34F838-B338-41CC-9EC8-4712C4CF84AE",
              "versionEndExcluding": "1.0.2.156",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9B77E7-7439-48C6-989F-5E22CB4D3044",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D6D75-ADD4-4D61-A54A-4DA0FE9722B9",
              "versionEndExcluding": "1.0.2.156",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63500DE4-BDBD-4F86-AB99-7DB084D0B912",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8D5268F-C2DA-4323-A71A-784DAB080D64",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4936DA57-0FEF-4BD1-8075-7DBB144D6C51",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1071E817-2865-4D9A-BAD6-36CDCC86A2D3",
              "versionEndExcluding": "1.0.5.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8EBFE8-A19D-4095-902D-E3DE5FE9B152",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9358B2F2-D24E-434D-AEE5-6CE093598793",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax38v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "622B679D-8F20-40A2-B8CB-054FCB13DC8E",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax38v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE59D8F1-1883-4C96-8099-AA6B362A8D2B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7252E5-A12A-49E7-BFF5-2974FBC876F0",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax42_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6786B925-498E-458D-94F4-83F337DE469C",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax42:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83182AB-E726-4371-B092-FA1920408FED",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3128D842-33C1-453A-B4BF-F383F7C7A924",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178BB386-F66C-4CE8-9283-37D22B304691",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDFCA49-7EF9-413B-A7CA-7D51CA7D12CB",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax48_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78BF9561-75D1-4B7A-ABE3-871D6C647978",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E50F2A-C46C-4875-84AB-04AA00BFA53F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D36A7666-610A-4C67-AD7D-C4473CC35994",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax50s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F6B59EE-5B90-4139-8306-B50846BB1EC6",
              "versionEndExcluding": "1.0.4.100",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax50s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBB69710-DA7E-4011-A61A-BA40462A041F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6065375D-CB51-403B-B6CD-BBBA53685E08",
              "versionEndExcluding": "1.0.5.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "324447B4-A3B2-41C7-A003-F7A09C66ACD2",
              "versionEndExcluding": "1.0.5.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:raxe450_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24003AB5-CFB9-4A28-BDBE-2800B5222865",
              "versionEndExcluding": "1.0.8.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:raxe450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D7EC2C-E443-4749-854E-5BC057CA6B06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:raxe500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018EFBF6-9AE3-4361-B8E2-A0A4B668295F",
              "versionEndExcluding": "1.0.8.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:raxe500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D23ADF0-05B4-4163-9666-3F470FB19E01",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A",
              "versionEndExcluding": "1.5.1.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2700644E-0940-4D05-B3CA-904D91739E58",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "836591C8-6B93-4C41-808D-9FF4080A5F51",
              "versionEndExcluding": "1.0.1.42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3EC77D7-D5B5-48A4-ACF9-7919A7254A31",
              "versionEndExcluding": "1.2.0.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3F6D58-D900-41B4-8626-58928866208A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53E84D2-5378-405C-8D98-2DB746048FC5",
              "versionEndExcluding": "1.0.0.64",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE70236-D1C6-4B58-8385-1FA5F71916AF",
              "versionEndExcluding": "1.0.3.68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5590CF28-B88A-4755-904B-1BC1778FBEDD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD93F750-1D77-4E8F-86EB-581C0102474B",
              "versionEndExcluding": "1.0.0.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "204E3FEE-153C-46A8-8651-8CF90A37F04D",
              "versionEndExcluding": "1.0.0.108",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D30939B-86E3-4C78-9B05-686B4994C8B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F21298B-8FEA-4E17-BF38-65F247D6271C",
              "versionEndExcluding": "1.0.0.76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDEBC41-D9AA-4822-AC01-CFA4B24A08A6",
              "versionEndExcluding": "1.0.0.126",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE59214-C8A1-4337-A54C-E4E8C149B241",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:v6510-1fxaus_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10C3B249-3491-4F4F-9D0C-758AFDFB3416",
              "versionEndExcluding": "1.0.0.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:v6510-1fxaus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "537F4FAF-40FF-4858-8072-AC5B5A193ABC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the httpd service, which listens on TCP port 80 by default. When parsing the strings file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n\n\n\n\n. Was ZDI-CAN-13709."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria httpd de m\u00faltiples enrutadores de NETGEAR. Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en instalaciones afectadas de m\u00faltiples enrutadores NETGEAR. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro del servicio httpd, que escucha en el puerto TCP 80 de forma predeterminada. Al analizar el archivo de cadenas, el proceso no valida correctamente la longitud de los datos proporcionados por el usuario antes de copiarlos en un b\u00fafer basado en pila de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de la ra\u00edz. Era ZDI-CAN-13709."
    }
  ],
  "id": "CVE-2021-34982",
  "lastModified": "2025-08-14T01:41:19.343",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "zdi-disclosures@trendmicro.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-07T23:15:13.400",
  "references": [
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
    },
    {
      "source": "zdi-disclosures@trendmicro.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1274/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1274/"
    }
  ],
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "zdi-disclosures@trendmicro.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}