Vulnerabilites related to netgear - rbs750_firmware
cve-2021-45580
Vulnerability from cvelistv5
Published
2021-12-26 00:43
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.587Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064102/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0088", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:43:50", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064102/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0088", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45580", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064102/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0088", refsource: "MISC", url: "https://kb.netgear.com/000064102/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0088", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45580", datePublished: "2021-12-26T00:43:50", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.587Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45630
Vulnerability from cvelistv5
Published
2021-12-26 00:32
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.872Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:32:59", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45630", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498", refsource: "MISC", url: "https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45630", datePublished: "2021-12-26T00:32:59", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.872Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26904
Vulnerability from cvelistv5
Published
2020-10-09 06:33
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:23.152Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062350/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0046", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:33:21", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062350/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0046", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26904", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062350/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0046", refsource: "MISC", url: "https://kb.netgear.com/000062350/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0046", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26904", datePublished: "2020-10-09T06:33:21", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:23.152Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45546
Vulnerability from cvelistv5
Published
2021-12-26 00:52
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.417Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064524/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0566", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:52:56", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064524/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0566", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45546", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064524/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0566", refsource: "MISC", url: "https://kb.netgear.com/000064524/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0566", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45546", datePublished: "2021-12-26T00:52:56", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.417Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29068
Vulnerability from cvelistv5
Published
2021-03-23 06:57
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T07:04:52", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29068", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", refsource: "MISC", url: "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29068", datePublished: "2021-03-23T06:57:00", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29082
Vulnerability from cvelistv5
Published
2021-03-23 06:58
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.631Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:58:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29082", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037", refsource: "MISC", url: "https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29082", datePublished: "2021-03-23T06:58:28", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.631Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14434
Vulnerability from cvelistv5
Published
2020-06-18 16:34
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.525Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:34:38", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14434", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040", refsource: "CONFIRM", url: "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14434", datePublished: "2020-06-18T16:34:38", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.525Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45617
Vulnerability from cvelistv5
Published
2021-12-26 00:35
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before 1.0.4.106, R8000P before 1.4.1.66, RAX20 before 1.0.2.64, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, R6700v3 before 1.0.4.106, R7900P before 1.4.1.66, RAX15 before 1.0.2.64, RAX50 before 1.0.2.82, RAX75 before 1.0.3.106, RBR750 before 3.2.16.22, RBR850 before 3.2.16.22, RBS750 before 3.2.16.22, RBS850 before 3.2.16.22, RBK752 before 3.2.16.22, and RBK852 before 3.2.16.22.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.873Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064505/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0156", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before 1.0.4.106, R8000P before 1.4.1.66, RAX20 before 1.0.2.64, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, R6700v3 before 1.0.4.106, R7900P before 1.4.1.66, RAX15 before 1.0.2.64, RAX50 before 1.0.2.82, RAX75 before 1.0.3.106, RBR750 before 3.2.16.22, RBR850 before 3.2.16.22, RBS750 before 3.2.16.22, RBS850 before 3.2.16.22, RBK752 before 3.2.16.22, and RBK852 before 3.2.16.22.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:35:36", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064505/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0156", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45617", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before 1.0.4.106, R8000P before 1.4.1.66, RAX20 before 1.0.2.64, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, R6700v3 before 1.0.4.106, R7900P before 1.4.1.66, RAX15 before 1.0.2.64, RAX50 before 1.0.2.82, RAX75 before 1.0.3.106, RBR750 before 3.2.16.22, RBR850 before 3.2.16.22, RBS750 before 3.2.16.22, RBS850 before 3.2.16.22, RBK752 before 3.2.16.22, and RBK852 before 3.2.16.22.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064505/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0156", refsource: "MISC", url: "https://kb.netgear.com/000064505/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0156", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45617", datePublished: "2021-12-26T00:35:36", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.873Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29067
Vulnerability from cvelistv5
Published
2021-03-23 07:00
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T07:00:27", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29067", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492", refsource: "MISC", url: "https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29067", datePublished: "2021-03-23T07:00:28", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14428
Vulnerability from cvelistv5
Published
2020-06-18 16:21
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.682Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:21:45", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14428", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044", refsource: "CONFIRM", url: "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14428", datePublished: "2020-06-18T16:21:45", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.682Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14436
Vulnerability from cvelistv5
Published
2020-06-18 16:35
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.600Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:35:43", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14436", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039", refsource: "CONFIRM", url: "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14436", datePublished: "2020-06-18T16:35:43", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.600Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45505
Vulnerability from cvelistv5
Published
2021-12-26 01:02
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.275Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064129/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0477", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:02:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064129/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0477", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45505", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064129/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0477", refsource: "MISC", url: "https://kb.netgear.com/000064129/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0477", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45505", datePublished: "2021-12-26T01:02:31", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.275Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45563
Vulnerability from cvelistv5
Published
2021-12-26 00:48
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.382Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064084/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0066", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:48:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064084/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0066", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45563", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064084/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0066", refsource: "MISC", url: "https://kb.netgear.com/000064084/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0066", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45563", datePublished: "2021-12-26T00:48:39", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.382Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45566
Vulnerability from cvelistv5
Published
2021-12-26 00:48
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064087/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0070", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:48:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064087/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0070", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45566", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064087/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0070", refsource: "MISC", url: "https://kb.netgear.com/000064087/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0070", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45566", datePublished: "2021-12-26T00:48:09", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.533Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45635
Vulnerability from cvelistv5
Published
2021-12-26 00:32
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.751Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064134/Security-Advisory-for-Pre-Authentication-Command-Injection-on-WiFi-Systems-PSV-2020-0491", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:32:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064134/Security-Advisory-for-Pre-Authentication-Command-Injection-on-WiFi-Systems-PSV-2020-0491", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45635", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064134/Security-Advisory-for-Pre-Authentication-Command-Injection-on-WiFi-Systems-PSV-2020-0491", refsource: "MISC", url: "https://kb.netgear.com/000064134/Security-Advisory-for-Pre-Authentication-Command-Injection-on-WiFi-Systems-PSV-2020-0491", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45635", datePublished: "2021-12-26T00:32:07", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.751Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45507
Vulnerability from cvelistv5
Published
2021-12-26 01:02
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.394Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064131/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0487", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:02:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064131/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0487", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45507", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064131/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0487", refsource: "MISC", url: "https://kb.netgear.com/000064131/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0487", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45507", datePublished: "2021-12-26T01:02:10", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.394Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26901
Vulnerability from cvelistv5
Published
2020-10-09 06:33
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.806Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062353/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0036", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:33:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062353/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0036", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26901", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062353/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0036", refsource: "MISC", url: "https://kb.netgear.com/000062353/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0036", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26901", datePublished: "2020-10-09T06:33:49", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.806Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45515
Vulnerability from cvelistv5
Published
2021-12-26 01:00
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.461Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:00:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45515", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286", refsource: "MISC", url: "https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45515", datePublished: "2021-12-26T01:00:39", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.461Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45561
Vulnerability from cvelistv5
Published
2021-12-26 00:50
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.453Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064165/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0059", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:50:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064165/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0059", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45561", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064165/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0059", refsource: "MISC", url: "https://kb.netgear.com/000064165/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0059", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45561", datePublished: "2021-12-26T00:50:01", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.453Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26899
Vulnerability from cvelistv5
Published
2020-10-09 06:34
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:23.044Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:34:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26899", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030", refsource: "MISC", url: "https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26899", datePublished: "2020-10-09T06:34:09", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:23.044Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45590
Vulnerability from cvelistv5
Published
2021-12-26 00:41
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.795Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0098", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:41:59", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0098", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45590", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0098", refsource: "MISC", url: "https://kb.netgear.com/000064112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0098", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45590", datePublished: "2021-12-26T00:41:59", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.795Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45538
Vulnerability from cvelistv5
Published
2021-12-26 00:54
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064088/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0074", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:54:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064088/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0074", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45538", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064088/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0074", refsource: "MISC", url: "https://kb.netgear.com/000064088/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0074", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45538", datePublished: "2021-12-26T00:54:22", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45558
Vulnerability from cvelistv5
Published
2021-12-26 00:50
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.456Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064078/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0053", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:50:36", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064078/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0053", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45558", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064078/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0053", refsource: "MISC", url: "https://kb.netgear.com/000064078/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0053", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45558", datePublished: "2021-12-26T00:50:36", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.456Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45665
Vulnerability from cvelistv5
Published
2021-12-26 00:26
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:26:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45665", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247", refsource: "MISC", url: "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45665", datePublished: "2021-12-26T00:26:16", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45586
Vulnerability from cvelistv5
Published
2021-12-26 00:42
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.090Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064108/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0094", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:42:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064108/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0094", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45586", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064108/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0094", refsource: "MISC", url: "https://kb.netgear.com/000064108/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0094", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45586", datePublished: "2021-12-26T00:42:41", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.090Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45634
Vulnerability from cvelistv5
Published
2021-12-26 00:32
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.761Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064139/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0515", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:32:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064139/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0515", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45634", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064139/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0515", refsource: "MISC", url: "https://kb.netgear.com/000064139/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0515", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45634", datePublished: "2021-12-26T00:32:18", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.761Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45613
Vulnerability from cvelistv5
Published
2021-12-26 00:36
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.168Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:36:29", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45613", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508", refsource: "MISC", url: "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45613", datePublished: "2021-12-26T00:36:29", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.168Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26910
Vulnerability from cvelistv5
Published
2020-10-09 06:31
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062343/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0031", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:31:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062343/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0031", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26910", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062343/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0031", refsource: "MISC", url: "https://kb.netgear.com/000062343/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0031", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26910", datePublished: "2020-10-09T06:31:34", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.926Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14430
Vulnerability from cvelistv5
Published
2020-06-18 16:26
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.455Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:26:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14430", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051", refsource: "CONFIRM", url: "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14430", datePublished: "2020-06-18T16:26:18", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.455Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45588
Vulnerability from cvelistv5
Published
2021-12-26 00:42
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.885Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064110/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0096", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:42:19", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064110/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0096", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45588", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064110/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0096", refsource: "MISC", url: "https://kb.netgear.com/000064110/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0096", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45588", datePublished: "2021-12-26T00:42:19", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.885Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45639
Vulnerability from cvelistv5
Published
2021-12-26 00:31
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.688Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:31:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45639", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "NONE", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121", refsource: "MISC", url: "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45639", datePublished: "2021-12-26T00:31:15", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.688Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29074
Vulnerability from cvelistv5
Published
2021-03-23 06:59
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.649Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:59:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29074", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467", refsource: "MISC", url: "https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29074", datePublished: "2021-03-23T06:59:37", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.649Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45527
Vulnerability from cvelistv5
Published
2021-12-26 00:58
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.497Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:58:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45527", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437", refsource: "MISC", url: "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45527", datePublished: "2021-12-26T00:58:02", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45581
Vulnerability from cvelistv5
Published
2021-12-26 00:43
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064103/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0089", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:43:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064103/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0089", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45581", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064103/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0089", refsource: "MISC", url: "https://kb.netgear.com/000064103/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0089", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45581", datePublished: "2021-12-26T00:43:41", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.990Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29077
Vulnerability from cvelistv5
Published
2021-03-23 06:59
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.666Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:59:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29077", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486", refsource: "MISC", url: "https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29077", datePublished: "2021-03-23T06:59:16", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.666Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45571
Vulnerability from cvelistv5
Published
2021-12-26 00:46
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.455Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064093/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0079", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:46:35", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064093/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0079", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45571", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064093/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0079", refsource: "MISC", url: "https://kb.netgear.com/000064093/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0079", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45571", datePublished: "2021-12-26T00:46:35", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.455Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-38516
Vulnerability from cvelistv5
Published
2021-08-11 00:03
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:44:23.403Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063780/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2020-0273", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-11T00:03:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063780/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2020-0273", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-38516", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063780/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2020-0273", refsource: "MISC", url: "https://kb.netgear.com/000063780/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2020-0273", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-38516", datePublished: "2021-08-11T00:03:18", dateReserved: "2021-08-10T00:00:00", dateUpdated: "2024-08-04T01:44:23.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26906
Vulnerability from cvelistv5
Published
2020-10-09 06:32
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062348/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0048", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:32:57", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062348/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0048", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26906", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062348/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0048", refsource: "MISC", url: "https://kb.netgear.com/000062348/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0048", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26906", datePublished: "2020-10-09T06:32:57", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.867Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26905
Vulnerability from cvelistv5
Published
2020-10-09 06:33
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062349/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0047", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:33:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062349/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0047", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26905", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062349/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0047", refsource: "MISC", url: "https://kb.netgear.com/000062349/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0047", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26905", datePublished: "2020-10-09T06:33:13", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.926Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45541
Vulnerability from cvelistv5
Published
2021-12-26 00:53
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.491Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:53:54", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45541", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246", refsource: "MISC", url: "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45541", datePublished: "2021-12-26T00:53:54", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.491Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35798
Vulnerability from cvelistv5
Published
2020-12-29 23:38
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.203Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:38:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35798", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218", refsource: "MISC", url: "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35798", datePublished: "2020-12-29T23:38:37", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.203Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14426
Vulnerability from cvelistv5
Published
2020-06-18 16:20
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.252Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:20:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14426", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033", refsource: "CONFIRM", url: "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14426", datePublished: "2020-06-18T16:20:03", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.252Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14440
Vulnerability from cvelistv5
Published
2020-06-18 16:39
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.308Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:39:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14440", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065", refsource: "CONFIRM", url: "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14440", datePublished: "2020-06-18T16:39:13", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.308Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45614
Vulnerability from cvelistv5
Published
2021-12-26 00:36
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:02.115Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:36:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45614", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520", refsource: "MISC", url: "https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45614", datePublished: "2021-12-26T00:36:20", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:02.115Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45615
Vulnerability from cvelistv5
Published
2021-12-26 00:36
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.370Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064514/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0521", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:36:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064514/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0521", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45615", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064514/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0521", refsource: "MISC", url: "https://kb.netgear.com/000064514/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0521", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45615", datePublished: "2021-12-26T00:36:07", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.370Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45667
Vulnerability from cvelistv5
Published
2021-12-26 00:25
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.865Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:25:53", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45667", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256", refsource: "MISC", url: "https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45667", datePublished: "2021-12-26T00:25:53", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.865Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26928
Vulnerability from cvelistv5
Published
2020-10-09 06:27
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:23.151Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062324/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0027", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:27:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062324/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0027", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26928", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062324/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0027", refsource: "MISC", url: "https://kb.netgear.com/000062324/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0027", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26928", datePublished: "2020-10-09T06:27:03", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:23.151Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45616
Vulnerability from cvelistv5
Published
2021-12-26 00:35
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.869Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:35:57", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45616", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576", refsource: "MISC", url: "https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45616", datePublished: "2021-12-26T00:35:57", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.869Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45506
Vulnerability from cvelistv5
Published
2021-12-26 01:02
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.518Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064130/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0483", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:02:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064130/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0483", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45506", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064130/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0483", refsource: "MISC", url: "https://kb.netgear.com/000064130/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0483", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45506", datePublished: "2021-12-26T01:02:20", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.518Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45575
Vulnerability from cvelistv5
Published
2021-12-26 00:44
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.302Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064097/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0083", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:44:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064097/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0083", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45575", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064097/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0083", refsource: "MISC", url: "https://kb.netgear.com/000064097/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0083", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45575", datePublished: "2021-12-26T00:44:46", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.302Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45562
Vulnerability from cvelistv5
Published
2021-12-26 00:49
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.400Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064082/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0060", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:49:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064082/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0060", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45562", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064082/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0060", refsource: "MISC", url: "https://kb.netgear.com/000064082/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0060", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45562", datePublished: "2021-12-26T00:49:51", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.400Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35802
Vulnerability from cvelistv5
Published
2020-12-29 23:37
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.188Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:37:56", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35802", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", refsource: "MISC", url: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35802", datePublished: "2020-12-29T23:37:56", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.188Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35796
Vulnerability from cvelistv5
Published
2020-12-29 23:29
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.177Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:29:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35796", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201", refsource: "MISC", url: "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35796", datePublished: "2020-12-29T23:29:49", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.177Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29071
Vulnerability from cvelistv5
Published
2021-03-23 06:59
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2.17.12, RBR753 before 3.2.17.12, RBR753S before 3.2.17.12, RBR754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2.17.12, RBR753 before 3.2.17.12, RBR753S before 3.2.17.12, RBR754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:59:58", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29071", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2.17.12, RBR753 before 3.2.17.12, RBR753S before 3.2.17.12, RBR754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476", refsource: "MISC", url: "https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29071", datePublished: "2021-03-23T06:59:58", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45577
Vulnerability from cvelistv5
Published
2021-12-26 00:44
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064099/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0085", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:44:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064099/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0085", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45577", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064099/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0085", refsource: "MISC", url: "https://kb.netgear.com/000064099/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0085", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45577", datePublished: "2021-12-26T00:44:17", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.375Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35794
Vulnerability from cvelistv5
Published
2020-12-29 23:39
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.224Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062629/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0034", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:39:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062629/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0034", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35794", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062629/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0034", refsource: "MISC", url: "https://kb.netgear.com/000062629/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0034", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35794", datePublished: "2020-12-29T23:39:06", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.224Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45547
Vulnerability from cvelistv5
Published
2021-12-26 00:52
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064525/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0567", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:52:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064525/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0567", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45547", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064525/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0567", refsource: "MISC", url: "https://kb.netgear.com/000064525/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0567", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45547", datePublished: "2021-12-26T00:52:46", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.514Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35800
Vulnerability from cvelistv5
Published
2020-12-29 23:29
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D7800 before 1.0.3.48, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, DM200 before 1.0.0.66, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX2700 before 1.0.1.58, EX3110 before 1.0.1.68, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100v2 before 1.0.1.94, EX6110 before 1.0.1.68, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150v1 before 1.0.0.46, EX6150v2 before 1.0.1.94, EX6200v1 before 1.0.3.94, EX6250 before 1.0.0.128, EX6400 before 1.0.2.152, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7300 before 1.0.2.152, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, EX7500 before 1.0.0.68, EX7700 before 1.0.0.210, EX8000 before 1.0.1.224, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.42, R6260 before 1.1.0.76, R6300v2 before 1.0.4.42, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400v1 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v1 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900 before 1.0.2.16, R6900P before 1.3.2.124, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7500v2 before 1.0.3.48, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.5.24, RAX35 before 1.0.3.80, RAX40 before 1.0.3.80, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.38, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.5.1.6, RBS40V-200 before 1.0.0.46, RBS50Y before 2.6.1.40, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3000RPv3 before 1.0.2.86, WN3500RPv1 before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.177Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D7800 before 1.0.3.48, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, DM200 before 1.0.0.66, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX2700 before 1.0.1.58, EX3110 before 1.0.1.68, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100v2 before 1.0.1.94, EX6110 before 1.0.1.68, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150v1 before 1.0.0.46, EX6150v2 before 1.0.1.94, EX6200v1 before 1.0.3.94, EX6250 before 1.0.0.128, EX6400 before 1.0.2.152, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7300 before 1.0.2.152, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, EX7500 before 1.0.0.68, EX7700 before 1.0.0.210, EX8000 before 1.0.1.224, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.42, R6260 before 1.1.0.76, R6300v2 before 1.0.4.42, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400v1 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v1 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900 before 1.0.2.16, R6900P before 1.3.2.124, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7500v2 before 1.0.3.48, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.5.24, RAX35 before 1.0.3.80, RAX40 before 1.0.3.80, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.38, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.5.1.6, RBS40V-200 before 1.0.0.46, RBS50Y before 2.6.1.40, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3000RPv3 before 1.0.2.86, WN3500RPv1 before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:29:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35800", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D7800 before 1.0.3.48, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, DM200 before 1.0.0.66, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX2700 before 1.0.1.58, EX3110 before 1.0.1.68, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100v2 before 1.0.1.94, EX6110 before 1.0.1.68, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150v1 before 1.0.0.46, EX6150v2 before 1.0.1.94, EX6200v1 before 1.0.3.94, EX6250 before 1.0.0.128, EX6400 before 1.0.2.152, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7300 before 1.0.2.152, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, EX7500 before 1.0.0.68, EX7700 before 1.0.0.210, EX8000 before 1.0.1.224, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.42, R6260 before 1.1.0.76, R6300v2 before 1.0.4.42, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400v1 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v1 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900 before 1.0.2.16, R6900P before 1.3.2.124, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7500v2 before 1.0.3.48, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.5.24, RAX35 before 1.0.3.80, RAX40 before 1.0.3.80, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.38, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.5.1.6, RBS40V-200 before 1.0.0.46, RBS50Y before 2.6.1.40, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3000RPv3 before 1.0.2.86, WN3500RPv1 before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:L/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112", refsource: "MISC", url: "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35800", datePublished: "2020-12-29T23:29:39", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.177Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45582
Vulnerability from cvelistv5
Published
2021-12-26 00:43
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.962Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064104/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0090", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:43:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064104/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0090", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45582", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064104/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0090", refsource: "MISC", url: "https://kb.netgear.com/000064104/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0090", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45582", datePublished: "2021-12-26T00:43:31", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.962Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45503
Vulnerability from cvelistv5
Published
2021-12-26 01:02
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.197Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064127/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0474", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:02:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064127/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0474", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45503", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064127/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0474", refsource: "MISC", url: "https://kb.netgear.com/000064127/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0474", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45503", datePublished: "2021-12-26T01:02:51", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.197Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45671
Vulnerability from cvelistv5
Published
2021-12-26 00:25
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.877Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:25:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45671", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261", refsource: "MISC", url: "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45671", datePublished: "2021-12-26T00:25:07", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.877Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45583
Vulnerability from cvelistv5
Published
2021-12-26 00:43
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.593Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064105/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0091", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:43:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064105/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0091", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45583", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064105/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0091", refsource: "MISC", url: "https://kb.netgear.com/000064105/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0091", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45583", datePublished: "2021-12-26T00:43:13", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-38527
Vulnerability from cvelistv5
Published
2021-08-11 00:01
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.132, EX7320 before 1.0.0.132, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, R7800 before 1.0.2.78, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.6.2.4, RBS50Y before 2.6.1.40, RBW30 before 2.6.2.2, and XR500 before 2.3.2.114.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:44:23.463Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063778/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Extenders-Routers-and-WiFi-Systems-PSV-2020-0025", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.132, EX7320 before 1.0.0.132, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, R7800 before 1.0.2.78, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.6.2.4, RBS50Y before 2.6.1.40, RBW30 before 2.6.2.2, and XR500 before 2.3.2.114.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-11T00:01:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063778/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Extenders-Routers-and-WiFi-Systems-PSV-2020-0025", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-38527", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.132, EX7320 before 1.0.0.132, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, R7800 before 1.0.2.78, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.6.2.4, RBS50Y before 2.6.1.40, RBW30 before 2.6.2.2, and XR500 before 2.3.2.114.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "NONE", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063778/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Extenders-Routers-and-WiFi-Systems-PSV-2020-0025", refsource: "MISC", url: "https://kb.netgear.com/000063778/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Extenders-Routers-and-WiFi-Systems-PSV-2020-0025", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-38527", datePublished: "2021-08-11T00:01:06", dateReserved: "2021-08-10T00:00:00", dateUpdated: "2024-08-04T01:44:23.463Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45632
Vulnerability from cvelistv5
Published
2021-12-26 00:32
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.517Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:32:38", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45632", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505", refsource: "MISC", url: "https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45632", datePublished: "2021-12-26T00:32:38", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.517Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45631
Vulnerability from cvelistv5
Published
2021-12-26 00:32
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.576Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064136/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0504", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:32:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064136/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0504", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45631", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064136/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0504", refsource: "MISC", url: "https://kb.netgear.com/000064136/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0504", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45631", datePublished: "2021-12-26T00:32:49", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.576Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14433
Vulnerability from cvelistv5
Published
2020-06-18 16:33
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.580Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:33:53", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14433", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035", refsource: "CONFIRM", url: "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14433", datePublished: "2020-06-18T16:33:53", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.580Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45564
Vulnerability from cvelistv5
Published
2021-12-26 00:48
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.372Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064085/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0067", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:48:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064085/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0067", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45564", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064085/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0067", refsource: "MISC", url: "https://kb.netgear.com/000064085/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0067", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45564", datePublished: "2021-12-26T00:48:30", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.372Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45572
Vulnerability from cvelistv5
Published
2021-12-26 00:46
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.124Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064094/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0080", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:46:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064094/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0080", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45572", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064094/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0080", refsource: "MISC", url: "https://kb.netgear.com/000064094/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0080", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45572", datePublished: "2021-12-26T00:46:18", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.124Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45587
Vulnerability from cvelistv5
Published
2021-12-26 00:42
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.070Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064109/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0095", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:42:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064109/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0095", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45587", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064109/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0095", refsource: "MISC", url: "https://kb.netgear.com/000064109/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0095", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45587", datePublished: "2021-12-26T00:42:28", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.070Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26926
Vulnerability from cvelistv5
Published
2020-10-09 06:27
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:23.102Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062326/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0028", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:27:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062326/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0028", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26926", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062326/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0028", refsource: "MISC", url: "https://kb.netgear.com/000062326/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0028", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26926", datePublished: "2020-10-09T06:27:22", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:23.102Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45589
Vulnerability from cvelistv5
Published
2021-12-26 00:42
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.276Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064111/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0097", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:42:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064111/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0097", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45589", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064111/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0097", refsource: "MISC", url: "https://kb.netgear.com/000064111/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0097", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45589", datePublished: "2021-12-26T00:42:09", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.276Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45584
Vulnerability from cvelistv5
Published
2021-12-26 00:43
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.754Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064106/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0092", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:43:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064106/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0092", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45584", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064106/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0092", refsource: "MISC", url: "https://kb.netgear.com/000064106/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0092", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45584", datePublished: "2021-12-26T00:43:01", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.754Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29081
Vulnerability from cvelistv5
Published
2021-03-23 06:58
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.508Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:58:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29081", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465", refsource: "MISC", url: "https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29081", datePublished: "2021-03-23T06:58:41", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.508Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38452
Vulnerability from cvelistv5
Published
2023-03-21 17:41
Modified
2025-02-26 16:38
Severity ?
EPSS score ?
Summary
A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netgear | Orbi Router RBR750 |
Version: 4.6.8.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:54:03.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1595", }, { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595", tags: [ "x_transferred", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595", }, { name: "https://kb.netgear.com/000065567/Security-Advisory-for-Post-authentication-Command-Injection-on-the-RBR750-PSV-2022-0186", tags: [ "x_transferred", ], url: "https://kb.netgear.com/000065567/Security-Advisory-for-Post-authentication-Command-Injection-on-the-RBR750-PSV-2022-0186", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-38452", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T16:37:53.257184Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-26T16:38:11.731Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Orbi Router RBR750", vendor: "Netgear", versions: [ { status: "affected", version: "4.6.8.5", }, ], }, ], descriptions: [ { lang: "en", value: "A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-912", description: "CWE-912: Hidden Functionality", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-29T10:13:38.314Z", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595", url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595", }, { name: "https://kb.netgear.com/000065567/Security-Advisory-for-Post-authentication-Command-Injection-on-the-RBR750-PSV-2022-0186", url: "https://kb.netgear.com/000065567/Security-Advisory-for-Post-authentication-Command-Injection-on-the-RBR750-PSV-2022-0186", }, ], }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2022-38452", datePublished: "2023-03-21T17:41:26.484Z", dateReserved: "2022-08-19T18:57:28.943Z", dateUpdated: "2025-02-26T16:38:11.731Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45621
Vulnerability from cvelistv5
Published
2021-12-26 00:34
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:34:50", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45621", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562", refsource: "MISC", url: "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45621", datePublished: "2021-12-26T00:34:50", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.926Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45559
Vulnerability from cvelistv5
Published
2021-12-26 00:50
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.434Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064079/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0055", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:50:27", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064079/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0055", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45559", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064079/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0055", refsource: "MISC", url: "https://kb.netgear.com/000064079/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0055", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45559", datePublished: "2021-12-26T00:50:27", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.434Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45596
Vulnerability from cvelistv5
Published
2021-12-26 00:39
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.336Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064140/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0516", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:39:57", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064140/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0516", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45596", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064140/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0516", refsource: "MISC", url: "https://kb.netgear.com/000064140/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0516", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45596", datePublished: "2021-12-26T00:39:57", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.336Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14431
Vulnerability from cvelistv5
Published
2020-06-18 16:26
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.563Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:26:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14431", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068", refsource: "CONFIRM", url: "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14431", datePublished: "2020-06-18T16:26:41", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.563Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45585
Vulnerability from cvelistv5
Published
2021-12-26 00:42
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.947Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064107/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0093", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:42:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064107/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0093", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45585", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064107/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0093", refsource: "MISC", url: "https://kb.netgear.com/000064107/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0093", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45585", datePublished: "2021-12-26T00:42:51", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.947Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29075
Vulnerability from cvelistv5
Published
2021-03-23 06:59
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:59:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29075", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466", refsource: "MISC", url: "https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29075", datePublished: "2021-03-23T06:59:31", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26900
Vulnerability from cvelistv5
Published
2020-10-09 06:33
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.937Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:33:58", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26900", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032", refsource: "MISC", url: "https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26900", datePublished: "2020-10-09T06:33:58", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.937Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27239
Vulnerability from cvelistv5
Published
2021-03-29 21:05
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NETGEAR | Multiple Routers |
Version: firmware version 1.0.4.98 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:48:16.140Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-206/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Multiple Routers", vendor: "NETGEAR", versions: [ { status: "affected", version: "firmware version 1.0.4.98", }, ], }, ], credits: [ { lang: "en", value: "Anonymous", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121: Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-29T21:05:29", orgId: "99f1926a-a320-47d8-bbb5-42feb611262e", shortName: "zdi", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-206/", }, { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "zdi-disclosures@trendmicro.com", ID: "CVE-2021-27239", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Multiple Routers", version: { version_data: [ { version_value: "firmware version 1.0.4.98", }, ], }, }, ], }, vendor_name: "NETGEAR", }, ], }, }, credit: "Anonymous", data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-121: Stack-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-206/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-206/", }, { name: "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432", refsource: "MISC", url: "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e", assignerShortName: "zdi", cveId: "CVE-2021-27239", datePublished: "2021-03-29T21:05:29", dateReserved: "2021-02-16T00:00:00", dateUpdated: "2024-08-03T20:48:16.140Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45670
Vulnerability from cvelistv5
Published
2021-12-26 00:25
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.773Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:25:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45670", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255", refsource: "MISC", url: "https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45670", datePublished: "2021-12-26T00:25:17", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.773Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26902
Vulnerability from cvelistv5
Published
2020-10-09 06:33
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.747Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062352/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0041", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:33:42", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062352/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0041", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26902", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062352/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0041", refsource: "MISC", url: "https://kb.netgear.com/000062352/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0041", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26902", datePublished: "2020-10-09T06:33:42", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.747Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45633
Vulnerability from cvelistv5
Published
2021-12-26 00:32
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.817Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064511/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0514", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:32:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064511/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0514", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45633", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064511/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0514", refsource: "MISC", url: "https://kb.netgear.com/000064511/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0514", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45633", datePublished: "2021-12-26T00:32:28", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.817Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45574
Vulnerability from cvelistv5
Published
2021-12-26 00:45
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.113Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064096/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0082", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:45:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064096/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0082", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45574", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064096/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0082", refsource: "MISC", url: "https://kb.netgear.com/000064096/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0082", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45574", datePublished: "2021-12-26T00:45:01", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.113Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14427
Vulnerability from cvelistv5
Published
2020-06-18 16:21
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.311Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:21:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14427", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042", refsource: "CONFIRM", url: "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14427", datePublished: "2020-06-18T16:21:05", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.311Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45628
Vulnerability from cvelistv5
Published
2021-12-26 00:33
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.676Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064125/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0472", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:33:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064125/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0472", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45628", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064125/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0472", refsource: "MISC", url: "https://kb.netgear.com/000064125/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0472", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45628", datePublished: "2021-12-26T00:33:39", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.676Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45535
Vulnerability from cvelistv5
Published
2021-12-26 00:54
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.498Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:54:50", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45535", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052", refsource: "MISC", url: "https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45535", datePublished: "2021-12-26T00:54:50", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.498Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45537
Vulnerability from cvelistv5
Published
2021-12-26 00:54
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.427Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064083/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0061", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:54:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064083/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0061", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45537", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064083/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0061", refsource: "MISC", url: "https://kb.netgear.com/000064083/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0061", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45537", datePublished: "2021-12-26T00:54:31", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.427Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45620
Vulnerability from cvelistv5
Published
2021-12-26 00:35
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.265Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:35:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45620", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509", refsource: "MISC", url: "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45620", datePublished: "2021-12-26T00:35:01", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.265Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45591
Vulnerability from cvelistv5
Published
2021-12-26 00:41
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064113/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0099", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:41:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064113/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0099", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45591", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064113/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0099", refsource: "MISC", url: "https://kb.netgear.com/000064113/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0099", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45591", datePublished: "2021-12-26T00:41:49", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.454Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45502
Vulnerability from cvelistv5
Published
2021-12-26 01:03
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:03:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45502", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473", refsource: "MISC", url: "https://kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45502", datePublished: "2021-12-26T01:03:05", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.180Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45579
Vulnerability from cvelistv5
Published
2021-12-26 00:43
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.111Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064101/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0087", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:43:58", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064101/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0087", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45579", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064101/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0087", refsource: "MISC", url: "https://kb.netgear.com/000064101/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0087", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45579", datePublished: "2021-12-26T00:43:58", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.111Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35795
Vulnerability from cvelistv5
Published
2020-12-29 23:29
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.223Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:29:56", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35795", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154", refsource: "MISC", url: "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35795", datePublished: "2020-12-29T23:29:56", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36429
Vulnerability from cvelistv5
Published
2023-03-21 17:41
Modified
2024-08-03 10:07
Severity ?
EPSS score ?
Summary
A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netgear | Orbi Satellite RBS750 |
Version: 4.6.8.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:07:33.896Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1597", }, { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1597", tags: [ "x_transferred", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1597", }, { name: "https://kb.netgear.com/000065424/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0188", tags: [ "x_transferred", ], url: "https://kb.netgear.com/000065424/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0188", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:netgear:rbs750_firmware:4.6.8.5:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "rbs750_firmware", vendor: "netgear", versions: [ { status: "affected", version: "4.6.8.5", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-36429", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-01T15:42:46.126213Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-01T15:52:41.065Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Orbi Satellite RBS750", vendor: "Netgear", versions: [ { status: "affected", version: "4.6.8.5", }, ], }, ], descriptions: [ { lang: "en", value: "A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-912", description: "CWE-912: Hidden Functionality", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-29T10:14:37.184Z", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1597", url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1597", }, { name: "https://kb.netgear.com/000065424/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0188", url: "https://kb.netgear.com/000065424/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0188", }, ], }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2022-36429", datePublished: "2023-03-21T17:41:25.748Z", dateReserved: "2022-08-23T17:55:12.245Z", dateUpdated: "2024-08-03T10:07:33.896Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45669
Vulnerability from cvelistv5
Published
2021-12-26 00:25
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.783Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:N/C:L/I:L/PR:H/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:25:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45669", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "NONE", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:N/C:L/I:L/PR:H/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210", refsource: "MISC", url: "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45669", datePublished: "2021-12-26T00:25:28", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.783Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38458
Vulnerability from cvelistv5
Published
2023-03-21 17:41
Modified
2025-02-26 16:16
Severity ?
EPSS score ?
Summary
A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netgear | Orbi Router RBR750 |
Version: 4.6.8.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:54:03.504Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1598", }, { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1598", tags: [ "x_transferred", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1598", }, { name: "https://kb.netgear.com/000065428/Security-Advisory-for-Cleartext-Transmission-on-Some-Orbi-WiFi-Systems-PSV-2022-0189", tags: [ "x_transferred", ], url: "https://kb.netgear.com/000065428/Security-Advisory-for-Cleartext-Transmission-on-Some-Orbi-WiFi-Systems-PSV-2022-0189", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-38458", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T16:16:11.945127Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-26T16:16:18.651Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Orbi Router RBR750", vendor: "Netgear", versions: [ { status: "affected", version: "4.6.8.5", }, ], }, ], descriptions: [ { lang: "en", value: "A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-311", description: "CWE-311: Missing Encryption of Sensitive Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-28T14:49:38.892Z", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1598", url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1598", }, { name: "https://kb.netgear.com/000065428/Security-Advisory-for-Cleartext-Transmission-on-Some-Orbi-WiFi-Systems-PSV-2022-0189", url: "https://kb.netgear.com/000065428/Security-Advisory-for-Cleartext-Transmission-on-Some-Orbi-WiFi-Systems-PSV-2022-0189", }, ], }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2022-38458", datePublished: "2023-03-21T17:41:25.364Z", dateReserved: "2022-08-23T17:57:51.673Z", dateUpdated: "2025-02-26T16:16:18.651Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45666
Vulnerability from cvelistv5
Published
2021-12-26 00:26
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.842Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064121/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0254", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:26:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064121/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0254", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45666", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:H/PR:H/S:C/UI:R", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064121/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0254", refsource: "MISC", url: "https://kb.netgear.com/000064121/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0254", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45666", datePublished: "2021-12-26T00:26:06", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.842Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-38524
Vulnerability from cvelistv5
Published
2021-08-11 00:01
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:44:23.512Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-11T00:01:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-38524", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225", refsource: "MISC", url: "https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-38524", datePublished: "2021-08-11T00:01:44", dateReserved: "2021-08-10T00:00:00", dateUpdated: "2024-08-04T01:44:23.512Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45622
Vulnerability from cvelistv5
Published
2021-12-26 00:34
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.216Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:34:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45622", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506", refsource: "MISC", url: "https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45622", datePublished: "2021-12-26T00:34:41", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.216Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26897
Vulnerability from cvelistv5
Published
2020-10-09 06:34
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.779Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:34:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26897", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045", refsource: "MISC", url: "https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26897", datePublished: "2020-10-09T06:34:28", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-37337
Vulnerability from cvelistv5
Published
2023-03-21 17:41
Modified
2025-02-26 16:12
Severity ?
EPSS score ?
Summary
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Netgear | Orbi Router RBR750 |
Version: 4.6.8.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:29:20.981Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1596", }, { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1596", tags: [ "x_transferred", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1596", }, { name: "https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187", tags: [ "x_transferred", ], url: "https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-37337", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T16:11:58.643713Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-26T16:12:07.056Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Orbi Router RBR750", vendor: "Netgear", versions: [ { status: "affected", version: "4.6.8.5", }, ], }, ], descriptions: [ { lang: "en", value: "A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-29T10:14:11.453Z", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1596", url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1596", }, { name: "https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187", url: "https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187", }, ], }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2022-37337", datePublished: "2023-03-21T17:41:26.101Z", dateReserved: "2022-08-23T17:48:50.665Z", dateUpdated: "2025-02-26T16:12:07.056Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45578
Vulnerability from cvelistv5
Published
2021-12-26 00:44
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.282Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064100/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0086", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:44:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064100/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0086", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45578", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064100/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0086", refsource: "MISC", url: "https://kb.netgear.com/000064100/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0086", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45578", datePublished: "2021-12-26T00:44:08", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.282Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45569
Vulnerability from cvelistv5
Published
2021-12-26 00:46
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.335Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064091/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0077", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:46:56", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064091/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0077", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45569", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064091/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0077", refsource: "MISC", url: "https://kb.netgear.com/000064091/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0077", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45569", datePublished: "2021-12-26T00:46:56", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.335Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14429
Vulnerability from cvelistv5
Published
2020-06-18 16:25
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.531Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:25:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14429", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050", refsource: "CONFIRM", url: "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14429", datePublished: "2020-06-18T16:25:30", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.531Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14442
Vulnerability from cvelistv5
Published
2020-06-18 16:40
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.605Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:40:19", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14442", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103", refsource: "CONFIRM", url: "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14442", datePublished: "2020-06-18T16:40:19", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.605Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29078
Vulnerability from cvelistv5
Published
2021-03-23 06:59
Modified
2024-08-03 21:55
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:55:12.616Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-23T06:59:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29078", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511", refsource: "MISC", url: "https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29078", datePublished: "2021-03-23T06:59:09", dateReserved: "2021-03-23T00:00:00", dateUpdated: "2024-08-03T21:55:12.616Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45565
Vulnerability from cvelistv5
Published
2021-12-26 00:48
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.109Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064086/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0069", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:48:19", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064086/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0069", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45565", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064086/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0069", refsource: "MISC", url: "https://kb.netgear.com/000064086/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0069", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45565", datePublished: "2021-12-26T00:48:19", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.109Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26903
Vulnerability from cvelistv5
Published
2020-10-09 06:33
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.937Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062351/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0043", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:33:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062351/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0043", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26903", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062351/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0043", refsource: "MISC", url: "https://kb.netgear.com/000062351/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0043", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26903", datePublished: "2020-10-09T06:33:34", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.937Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45612
Vulnerability from cvelistv5
Published
2021-12-26 00:36
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.915Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:36:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45612", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524", refsource: "MISC", url: "https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45612", datePublished: "2021-12-26T00:36:39", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.915Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45567
Vulnerability from cvelistv5
Published
2021-12-26 00:47
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.409Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064089/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0075", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:47:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064089/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0075", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45567", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064089/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0075", refsource: "MISC", url: "https://kb.netgear.com/000064089/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0075", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45567", datePublished: "2021-12-26T00:47:20", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.409Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45536
Vulnerability from cvelistv5
Published
2021-12-26 00:54
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.467Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064080/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0056", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:54:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064080/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0056", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45536", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064080/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0056", refsource: "MISC", url: "https://kb.netgear.com/000064080/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0056", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45536", datePublished: "2021-12-26T00:54:41", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.467Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14441
Vulnerability from cvelistv5
Published
2020-06-18 16:39
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.611Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:39:36", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14441", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071", refsource: "CONFIRM", url: "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14441", datePublished: "2020-06-18T16:39:36", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.611Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45568
Vulnerability from cvelistv5
Published
2021-12-26 00:47
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.169Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064090/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0076", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:47:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064090/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0076", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45568", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064090/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0076", refsource: "MISC", url: "https://kb.netgear.com/000064090/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0076", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45568", datePublished: "2021-12-26T00:47:05", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.169Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45509
Vulnerability from cvelistv5
Published
2021-12-26 01:01
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.208Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:01:52", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45509", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564", refsource: "MISC", url: "https://kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45509", datePublished: "2021-12-26T01:01:52", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.208Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14432
Vulnerability from cvelistv5
Published
2020-06-18 16:33
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.433Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:33:29", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14432", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049", refsource: "CONFIRM", url: "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14432", datePublished: "2020-06-18T16:33:29", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.433Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45508
Vulnerability from cvelistv5
Published
2021-12-26 01:02
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.286Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064133/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0490", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T01:02:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064133/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0490", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45508", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064133/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0490", refsource: "MISC", url: "https://kb.netgear.com/000064133/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0490", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45508", datePublished: "2021-12-26T01:02:00", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.286Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14437
Vulnerability from cvelistv5
Published
2020-06-18 16:37
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.680Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:37:40", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14437", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054", refsource: "CONFIRM", url: "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14437", datePublished: "2020-06-18T16:37:40", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.680Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14438
Vulnerability from cvelistv5
Published
2020-06-18 16:38
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.524Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:38:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14438", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063", refsource: "CONFIRM", url: "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14438", datePublished: "2020-06-18T16:38:07", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45629
Vulnerability from cvelistv5
Published
2021-12-26 00:33
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.819Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064132/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0488", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:33:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064132/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0488", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45629", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064132/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0488", refsource: "MISC", url: "https://kb.netgear.com/000064132/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0488", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45629", datePublished: "2021-12-26T00:33:18", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.819Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14439
Vulnerability from cvelistv5
Published
2020-06-18 16:38
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:46:34.372Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T16:38:47", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14439", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064", refsource: "CONFIRM", url: "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14439", datePublished: "2020-06-18T16:38:47", dateReserved: "2020-06-18T00:00:00", dateUpdated: "2024-08-04T12:46:34.372Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45592
Vulnerability from cvelistv5
Published
2021-12-26 00:41
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.301Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064114/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0100", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:41:39", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064114/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0100", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45592", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064114/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0100", refsource: "MISC", url: "https://kb.netgear.com/000064114/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0100", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45592", datePublished: "2021-12-26T00:41:39", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.301Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45560
Vulnerability from cvelistv5
Published
2021-12-26 00:50
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.249Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064081/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0057", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:50:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064081/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0057", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45560", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064081/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0057", refsource: "MISC", url: "https://kb.netgear.com/000064081/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0057", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45560", datePublished: "2021-12-26T00:50:14", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.249Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45576
Vulnerability from cvelistv5
Published
2021-12-26 00:44
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.917Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064098/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0084", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:44:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064098/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0084", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45576", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064098/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0084", refsource: "MISC", url: "https://kb.netgear.com/000064098/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0084", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45576", datePublished: "2021-12-26T00:44:30", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.917Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-38513
Vulnerability from cvelistv5
Published
2021-08-11 00:03
Modified
2024-08-04 01:44
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:44:23.496Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-11T00:03:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-38513", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008", refsource: "MISC", url: "https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-38513", datePublished: "2021-08-11T00:03:49", dateReserved: "2021-08-10T00:00:00", dateUpdated: "2024-08-04T01:44:23.496Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45604
Vulnerability from cvelistv5
Published
2021-12-26 00:38
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.868Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:38:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45604", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:N/I:N/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572", refsource: "MISC", url: "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45604", datePublished: "2021-12-26T00:38:12", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.868Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45570
Vulnerability from cvelistv5
Published
2021-12-26 00:46
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.365Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:46:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45570", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078", refsource: "MISC", url: "https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45570", datePublished: "2021-12-26T00:46:46", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.365Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de información confidencial. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-26901", lastModified: "2024-11-21T05:20:26.950", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:14.730", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062353/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062353/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0036", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45567", lastModified: "2024-11-21T06:32:32.560", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.177", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064089/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0075", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064089/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0075", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADF65DC4-51D5-4C38-B28D-7EA93B1734A3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "888A8E0F-93DD-436D-B00C-F469C3BD6E5B", versionEndExcluding: "1.0.0.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB6EE3C6-6BA3-4D37-B43B-B98E6EDFDD41", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0E1D0A84-92A5-4E07-B2BB-ED4431E64457", versionEndExcluding: "1.0.3.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A59578F-1A3F-428B-A995-572C8E93C15C", versionEndExcluding: "1.0.0.54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E273CF7-2DB6-4641-8753-810949D631B0", versionEndExcluding: "1.0.1.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "049629DD-9E4F-4F47-98B0-C9FD457B74A0", versionEndExcluding: "1.0.4.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E00ABB7-A3E9-4E41-82CB-3AADC276C3AC", versionEndExcluding: "1.0.4.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7909744D-FE9B-49D1-ADB3-029CCC432A47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA1BB56F-20B5-4A79-AE9D-429A011EAA4C", versionEndExcluding: "1.0.1.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19E991D4-ADE8-4EFC-A405-DBAF07FFEB21", versionEndExcluding: "1.0.4.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "611768C9-4B1D-42CC-97CF-78D05EA332AC", versionEndExcluding: "1.0.4.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9F1DAD0-F8B8-48D5-B571-C55636B274C3", versionEndExcluding: "1.0.11.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AC36017-5BCF-4CF6-91D0-278279943847", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50", versionEndExcluding: "1.0.5.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6364559-B141-43AE-B40A-506B79BCC3AA", versionEndExcluding: "1.0.4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0ECEE38A-B0BB-43F8-AB4D-26572B789BFB", versionEndExcluding: "1.4.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D444B09-82DA-4225-A292-B28232408A7B", versionEndExcluding: "1.0.4.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "609B0EC8-FCD3-4522-A06A-7CB521586A22", versionEndExcluding: "1.0.2.88", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA086E1-DB23-4130-B746-D56F5A188C3B", versionEndExcluding: "2.6.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AF96D62-1D28-4FE5-AFC3-FB93A1BB4D45", versionEndExcluding: "1.0.3.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DF6302-36B7-49CF-8F2C-4C2247112EB9", versionEndExcluding: "1.4.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8E565CF-8408-4502-97BD-01CEF15D0744", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DE3850-1661-43D1-9E52-31E2E01979EE", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAB3F350-9094-4B64-8ED9-517069EB56F4", versionEndExcluding: "1.4.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60634A15-B02A-4C33-A1A4-F6340CFD6B8B", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer por parte de un usuario autenticado. Esto afecta a D6220 versiones anteriores a 1.0.0.68, al D6400 versiones anteriores a 1.0.0.102, a D7000v2 versiones anteriores a 1.0.0.66, al D8500 versiones anteriores a 1.0.3.58, al DC112A versiones anteriores a 1.0.0.54, a EX7000 versiones anteriores a 1.0.1.94, a EX7500 versiones anteriores a 1.0.0.72, a R6250 versiones anteriores a 1.0.4.48, a R6300v2 versiones anteriores a 1. 0.4.52, R6400 versiones anteriores a 1.0.1.70, R6400v2 versiones anteriores a 1.0.4.102, R6700v3 versiones anteriores a 1.0.4.102, R7000 versiones anteriores a 1.0.11.116, R7100LG versiones anteriores a 1.0.0.64, R7850 versiones anteriores a 1.0.5.68, R7900 versiones anteriores a 1.0.4.30, R7960P versiones anteriores a 1.4.1.68, R8000 versiones anteriores a 1.0.4. 52, RAX200 versiones anteriores a 1.0.2.88, RBS40V versiones anteriores a 2.6.2.4, RS400 versiones anteriores a 1.5.1.80, XR300 versiones anteriores a 1.0.3.56, R7000P versiones anteriores a 1.3.2.124, R8000P versiones anteriores a 1.4.1.68, R8500 versiones anteriores a 1.0.2.144, RAX80 versiones anteriores a 1.0.3.102, R6900P versiones anteriores a 1.3.2. 124, R7900P versiones anteriores a 1.4.1.68, R8300 versiones anteriores a 1.0.2.144, RAX75 versiones anteriores a 1.0.3.102, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBK752 versiones anteriores a 3.2.17.12 y RBK852 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45527", lastModified: "2024-11-21T06:32:25.610", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:14.207", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064493/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0437", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBS40V versiones anteriores a 2.6.1.4, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25.", }, ], id: "CVE-2020-35794", lastModified: "2024-11-21T05:28:07.223", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.017", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062629/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062629/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0034", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45635", lastModified: "2024-11-21T06:32:44.260", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.413", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064134/Security-Advisory-for-Pre-Authentication-Command-Injection-on-WiFi-Systems-PSV-2020-0491", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064134/Security-Advisory-for-Pre-Authentication-Command-Injection-on-WiFi-Systems-PSV-2020-0491", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25, RBS850 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25 y RBS840 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14434", lastModified: "2024-11-21T05:03:15.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 7.7, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.547", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061934/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0040", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C1280B1-A2DF-4CAB-AB19-6B463206AA3D", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*", matchCriteriaId: "A80B06A1-81B5-4C33-89F6-EC3F6E3068B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76C658A4-BF82-40CE-A5E1-C9F3DA1A9B0B", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*", matchCriteriaId: "6B25A18F-DD96-45FE-B098-71E60CB0FFFE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A3A6655-B468-46FB-84D7-2294D4243C91", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*", matchCriteriaId: "2BFCD9A8-1846-48C4-9F14-3866E983FB74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C3B3284-B11F-4752-9C6A-0B5BECA3DB2B", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "E526746E-1ED6-492E-B28C-A1CA8235D9FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACEAC1F2-EEAE-4880-B6C0-FFAAA29685F1", versionEndExcluding: "1.0.1.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62EFA314-85C0-48CC-938E-E2BF42B16746", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B59B0C17-2714-48E8-8911-E72488CE32E3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7658849-0743-487B-803F-D49680EDF185", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E18CCBB-46CD-423D-AA66-36F223EFD6E6", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07A1D7A9-29E9-4B1D-90DB-24E0967C9BC7", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F898DC9-9250-47DF-844C-F7308365135B", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", matchCriteriaId: "D18D2CCD-424F-41D5-919B-E22B9FA68D36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79B24229-6AC2-489D-B542-4DAA7E630180", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", matchCriteriaId: "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B5B842D-2275-4968-997B-A70A67CBDBEC", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", matchCriteriaId: "C91CADFA-59DB-4B6C-A914-848884F4A4BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23D4F7E6-C042-434E-87B8-55DB18B08B0A", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*", matchCriteriaId: "3C395D49-57F9-4BC1-8619-57127355B86B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6524B85E-23AC-4983-8331-96E12899B773", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6330:-:*:*:*:*:*:*:*", matchCriteriaId: "D621D26D-B144-424A-A9CB-19488399ACC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F105F6F-ECD3-411D-924E-94BCF036C1EA", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*", matchCriteriaId: "4B302909-29CF-4E53-9CCB-8664D3FCB03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "478CE991-5E30-438D-94B0-0E15A29E27BD", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E32C097-6EDF-4C81-A375-028DB67B6231", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D625E4-17F4-44EF-9A51-DA0BAD4835F2", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", matchCriteriaId: "21B27F11-4262-4CE1-8107-B365A7C152F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C5AB644-B80D-48A3-B794-C483FEFAFDED", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*", matchCriteriaId: "C9793286-86D2-43BF-B9B8-823C05BCAE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCCFD041-9413-4E37-8C4D-F50D1B10582B", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8956A99-1071-42A7-8984-D7134E755CBF", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", matchCriteriaId: "09404083-B00B-4C1F-8085-BC242E625CA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3408536D-FC77-48C5-AD15-C5A170D7417C", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*", matchCriteriaId: "598B48C5-4706-4431-8C5A-DA496DD1052F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DE3850-1661-43D1-9E52-31E2E01979EE", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1D59AC0-2859-46C0-B050-3BB8E3E9CB06", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", matchCriteriaId: "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02672757-31FD-4338-AF2C-63FD1D7C1A19", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*", matchCriteriaId: "A9FC6398-60A5-4003-A294-C96AE6DBCED5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D208F2CA-DB20-4C82-8FFF-B99EBFE29713", versionEndExcluding: "1.0.11.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02279B20-D951-46CE-B339-452BC585A4F3", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*", matchCriteriaId: "FECB83F9-D417-4FD3-B293-87BC177E3AEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B452611A-43C5-401B-95BD-189020B5C65C", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*", matchCriteriaId: "AFD1A65C-F10F-4C52-8B6D-69992E512EB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "237C68C0-C2A9-4F71-9E08-547F2A317CBC", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*", matchCriteriaId: "1F68AC3B-A31F-4AB0-89E9-BFFDE427AD3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63697E3A-AAA3-42E7-8116-93C6548D3AB7", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*", matchCriteriaId: "6DA5420D-DD64-4A9C-9B5F-784F0ED2B464", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C393DBF4-8281-4611-B591-CDB9DF0AA958", versionEndExcluding: "1.0.2.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4171EB00-3664-43D5-9B62-A3538C358142", versionEndExcluding: "1.0.5.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9800CB2-C14A-406B-B1FF-B1B62862EBDB", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44537647-E0B2-477D-98A5-7EA850BF3321", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA8D0327-0A72-44EC-9CC2-6CAF6A0C08B2", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F030129E-95C6-4C31-92A6-DABCDC1B534B", versionEndExcluding: "1.0.4.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B377E02-0228-4A2F-90F3-A82E7E964B37", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57314D03-64B1-4973-9D36-5D22A71DBCBB", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DCE56F2-5A45-4B31-99EF-1D8455C71E5C", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B697A877-214C-4701-AA9B-FE9C23FDBCEB", versionEndExcluding: "1.0.1.136", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33505A97-35DB-4EFD-9D47-EA03057C8FFD", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49D5D1E8-637A-4970-8753-6A3FCA8FAC64", versionEndExcluding: "1.0.2.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A3B894E-E712-477A-9960-30AFAB2C35CF", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AE85C-74C4-42C1-BF54-89B6EC38C707", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EC30751-F447-45A7-8C57-B73042869EA5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", matchCriteriaId: "D5465A78-4826-4F72-9CBE-528CBF286A79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8246B8D3-8455-43B1-B0FA-F677B8FF84F5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", matchCriteriaId: "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28DA498C-B466-422E-BAD2-A1F9A15B157F", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", matchCriteriaId: "32BAB5C0-F645-4A90-833F-6345335FA1AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72FDDB4-0802-467B-A255-06C8CE1A0B92", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C80BEFF8-7094-4F21-B9E7-EE5C8B9DF3B3", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04F03BE5-1440-4BC4-B902-97E702ED0ADF", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09631703-25CD-40CB-80A8-AADD43939507", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E21623E-9977-486F-93B1-858FC407E9D1", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A32769CF-7D0A-4A3F-AF20-6202CA0C6870", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E3BFCB-BFF8-4722-BE48-5FA93CACD3AD", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39D6318D-F5A2-4469-B508-075F2825F0FA", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F44708A-C946-4E0F-9D6C-A91AFB4C9EF3", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C6DF5F-FEFB-4A30-87CC-379E726AE181", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "451C5603-927A-4EB9-BF9D-150FE16A48F8", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B22B149-BD16-42A0-BB1D-DEF483F6B5E1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "921A8CFC-D86E-4674-998E-31F4F956B5DC", versionEndExcluding: "1.5.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D71EDB94-370B-46C3-A14E-3F3FB130DD49", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "051E8D2A-0EB0-43A7-9AAA-8519B8CC7FE0", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BCFB551-95C6-4EEF-83F0-4246F67E6668", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89AB672D-DD24-483E-B69D-7E46AF199483", versionEndExcluding: "1.0.1.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", matchCriteriaId: "E12892C8-5E01-49A6-BF47-09D630377093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D7800 before 1.0.1.58, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RS400 before 1.5.0.48, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a AC2100 versiones anteriores a 1.2.0.72, AC2400 versiones anteriores a 1.2.0.72, AC2600 versiones anteriores a 1.2.0.72, CBK40 versiones anteriores a 2.5.0.10, CBR40 versiones anteriores a 2.5.0.10, D7800 versiones anteriores a 1.0.1.58, EAX20 versiones anteriores a 1.0.0.36, EAX80 versiones anteriores a 1.0.1.62, EX7500 versiones anteriores a 1.0.0.68, MK62 versiones anteriores a 1.0.5.102, MR60 versiones anteriores a 1.0.5.102, MS60 versiones anteriores a 1.0.5.102, R6120 versiones anteriores a 1.0.0.70, R6220 versiones anteriores a 1.1.0.100, R6230 versiones anteriores a 1.1.0.100, R6260 versiones anteriores a 1.1.0.76, R6330 versiones anteriores a 1.1.0.76, R6350 versiones anteriores a 1.1.0.76, R6400 versiones anteriores a 1.0.1.62, R6400v2 versiones anteriores a 1.0.4.98, R6700 versiones anteriores a 1.0.2.16, R6700v2 versiones anteriores a 1.2.0.72, R6700v3 versiones anteriores a 1.0.4.98, R6800 versiones anteriores a 1.2.0.72, R6850 versiones anteriores a 1.1. 0.76, R6900P versiones anteriores a 1.3.2.124, R6900 versiones anteriores a 1.0.2.16, R6900v2 versiones anteriores a 1.2.0.72, R7000 versiones anteriores a 1.0.11.106, R7000P versiones anteriores a 1.3.2.124, R7200 versiones anteriores a 1.2.0.72, R7350 versiones anteriores a 1.2.0.72, R7400 versiones anteriores a 1.2.0.72, R7450 versiones anteriores a 1.2.0.72, R7800 versiones anteriores a 1.0.2.74, R7850 versiones anteriores a 1.0.5.60, R7900 versiones anteriores a 1.0.4.26, R7900P versiones anteriores a 1.4.1.62, R7960P versiones anteriores a 1.4.1.62, R8000 versiones anteriores a 1.0.4.58, R8000P versiones anteriores a 1.4.1.62, R8900 versiones anteriores a 1.0.5.24, R9000 versiones anteriores a 1.0.5.24, RAX120 versiones anteriores a 1.0.1.136, RAX15 versiones anteriores a 1.0.1.64, RAX20 versiones anteriores a 1.0.1.64, RAX200 versiones anteriores a 1.0. 2.102, RAX45 versiones anteriores a 1.0.2.64, RAX50 versiones anteriores a 1.0.2.64, RAX75 versiones anteriores a 1.0.3.102, RAX80 versiones anteriores a 1.0.3.102, RBK12 versiones anteriores a 2.6.1.44, RBR10 versiones anteriores a 2.6.1.44, RBS10 versiones anteriores a 2.6.1.44, RBK20 versiones anteriores a 2.6.1.38, RBR20 versiones anteriores a 2.6.1.36, RBS20 versiones anteriores a 2.6.1.38, RBK40 versiones anteriores a 2.6.1.38, RBR40 versiones anteriores a 2.6.1.36, RBS40 versiones anteriores a 2.6.1.38, RBK50 versiones anteriores a 2.6.1.40, RBR50 versiones anteriores a 2.6.1.40, RBS50 versiones anteriores a 2.6.1.40, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK842 versiones anteriores a 3.2.16.6, RBR840 versiones anteriores a 3.2.16.6, RBS840 versiones anteriores a 3.2. 16.6, RBK852 versiones anteriores a 3. 2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RS400 versiones anteriores a 1.5.0.48, XR300 versiones anteriores a 1.0.3.50, XR450 versiones anteriores a 2.3.2.66, XR500 versiones anteriores a 2.3.2.66 y XR700 versiones anteriores a 1.0.1.34.", }, ], id: "CVE-2020-35795", lastModified: "2024-11-21T05:28:07.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.080", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062735/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0154", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de credenciales administrativas. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14430", lastModified: "2024-11-21T05:03:15.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.170", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061939/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0051", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26905", lastModified: "2024-11-21T05:20:27.563", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:16.293", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062349/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0047", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062349/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0047", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45503", lastModified: "2024-11-21T06:32:21.797", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.033", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064127/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0474", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064127/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0474", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una omisión de autenticación. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26928", lastModified: "2024-11-21T05:20:31.087", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:18.403", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062324/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0027", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062324/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0027", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 00:16
Modified
2024-11-21 06:17
Severity ?
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | mk62_firmware | * | |
| netgear | mk62 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rax15_firmware | * | |
| netgear | rax15 | - | |
| netgear | rax20_firmware | * | |
| netgear | rax20 | - | |
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | rax45_firmware | * | |
| netgear | rax45 | - | |
| netgear | rax50_firmware | * | |
| netgear | rax50 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "525B767F-5A8A-4E6C-8585-BCBB05948B2D", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED73C5EC-C8D3-4206-BCAA-0901F786DD98", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93EF1D39-E084-40E9-86CF-C590763841A0", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05363CF1-17DA-4462-9C68-2790FE70D539", versionEndExcluding: "1.0.2.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "41D61A7C-BF7E-4A84-A08B-C9FF449AF952", versionEndExcluding: "1.0.2.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por un usuario autenticado. Esto afecta a MK62 versiones anteriores a 1.0.6.110, MR60 versiones anteriores a 1.0.6.110, MS60 versiones anteriores a 1.0.6.110, RAX15 versiones anteriores a 1.0.2.82, RAX20 versiones anteriores a 1.0.2.82, RAX200 versiones anteriores a 1.0.3.106, RAX45 versiones anteriores a 1. 0.2.32, RAX50 versiones anteriores a 1.0.2.32, RAX75 versiones anteriores a 1.0.3.106, RAX80 versiones anteriores a 1.0.3.106, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6 y RBS750 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-38524", lastModified: "2024-11-21T06:17:20.010", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T00:16:04.523", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063779/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0225", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBK752 versiones anteriores a 3.2.17.12 y RBK852 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45633", lastModified: "2024-11-21T06:32:43.943", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.323", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064511/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0514", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064511/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0514", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45589", lastModified: "2024-11-21T06:32:36.263", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.210", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064111/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0097", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064111/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0097", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
5.2 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29F1DCF3-43BE-40C3-9BEF-00D4618611B4", versionEndExcluding: "1.0.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F747A14B-5331-428E-8B53-724090554E07", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2826A7E-990D-455A-8B16-CBCCC4633B97", versionEndExcluding: "1.0.1.104", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "82B05B23-A689-4A0A-8569-9FA7972EA663", versionEndExcluding: "1.0.11.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6364559-B141-43AE-B40A-506B79BCC3AA", versionEndExcluding: "1.0.4.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B717BA8-81B7-470C-BF20-A4318D063D77", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A6C5E300-92E2-447A-822F-B95D1C59530E", versionEndExcluding: "1.0.4.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49D5D1E8-637A-4970-8753-6A3FCA8FAC64", versionEndExcluding: "1.0.2.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D71EDB94-370B-46C3-A14E-3F3FB130DD49", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20A423A5-04E9-4323-9818-6C9B78065103", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E18CCBB-46CD-423D-AA66-36F223EFD6E6", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "182AB5A2-5D07-4A5E-A863-4EE216D6F423", versionEndExcluding: "1.3.2.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "101031E9-479E-4F86-B83A-19376F8C8A45", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33505A97-35DB-4EFD-9D47-EA03057C8FFD", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61807742-C521-47BA-9285-667C58DDD86B", versionEndExcluding: "1.0.2.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "850D0AE9-A57C-47D3-9D44-7EE24E6F594D", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07A1D7A9-29E9-4B1D-90DB-24E0967C9BC7", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44801589-B49E-4B00-84DD-EFE47526C70C", versionEndExcluding: "1.3.2.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65F881E3-22B3-40D9-A896-51B13FD09EAA", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "989EB842-6F21-4814-9E03-AF52BBBEA7B9", versionEndExcluding: "1.0.2.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before 1.4.1.66, R8000 before 1.0.4.62, RAX200 before 1.0.2.102, XR300 before 1.0.3.50, EX3700 before 1.0.0.90, MR60 before 1.0.5.102, R7000P before 1.3.2.126, R8000P before 1.4.1.66, RAX20 before 1.0.1.64, RAX50 before 1.0.2.28, RAX80 before 1.0.3.102, EX3800 before 1.0.0.90, MS60 before 1.0.5.102, R6900P before 1.3.2.126, R7900P before 1.4.1.66, RAX15 before 1.0.1.64, RAX45 before 1.0.2.28, RAX75 before 1.0.3.102, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS reflejado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, EAX20 versiones anteriores a 1.0.0.32, EAX80 versiones anteriores a 1.0.1.62, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7000 versiones anteriores a 1.0.1.104, EX7500 versiones anteriores a 1.0.0.72, R7000 versiones anteriores a 1.0.11. 110, R7900 versiones anteriores a 1.0.4.30, R7960P versiones anteriores a 1.4.1.66, R8000 versiones anteriores a 1.0.4.62, RAX200 versiones anteriores a 1.0.2.102, XR300 versiones anteriores a 1.0.3.50, EX3700 versiones anteriores a 1.0.0.90, MR60 versiones anteriores a 1.0.5.102, R7000P versiones anteriores a 1.3.2.126, R8000P versiones anteriores a 1. 4.1.66, RAX20 versiones anteriores a 1.0.1.64, RAX50 versiones anteriores a 1.0.2.28, RAX80 versiones anteriores a 1.0.3.102, EX3800 versiones anteriores a 1.0.0.90, MS60 versiones anteriores a 1.0.5.102, R6900P versiones anteriores a 1.3.2.126, R7900P versiones anteriores a 1.4.1.66, RAX15 versiones anteriores a 1.0.1. 64, RAX45 versiones anteriores a 1.0.2.28, RAX75 versiones anteriores a 1.0.3.102, RBR750 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6 y RBK852 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45639", lastModified: "2024-11-21T06:32:44.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 2.7, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.597", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0121", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r7960p_firmware | * | |
| netgear | r7960p | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | r8300_firmware | * | |
| netgear | r8300 | - | |
| netgear | r8500_firmware | * | |
| netgear | r8500 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D7FF2D-210A-4B16-B871-394413F64F3A", versionEndExcluding: "1.0.2.154", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45ADC486-2457-496D-B887-EAAB9833E160", versionEndExcluding: "1.0.2.154", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000P versiones anteriores a 1.4.2.84, R8300 versiones anteriores a 1.0.2.154, R8500 versiones anteriores a 1. 0.2.154, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45615", lastModified: "2024-11-21T06:32:40.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.473", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064514/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0521", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064514/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0521", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1723D5F-FFDB-4E4D-80B7-4B28598D5895", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D041B9F-37E4-48A9-9841-85EFFF7FA1D1", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E6FDC1-BB17-454A-9B3A-5FB1F705C56B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK852 versiones anteriores a 3.2.17.12, RBK853 versiones anteriores a 3.2.17.12, RBK854 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBK752 versiones anteriores a 3. 2.17.12, RBK753 versiones anteriores a 3.2.17.12, RBK753S versiones anteriores a 3.2.17.12, RBK754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29078", lastModified: "2024-11-21T06:00:40.030", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:14.077", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063009/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0511", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una vulnerabilidad de tipo CSRF. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14432", lastModified: "2024-11-21T05:03:15.507", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.327", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061937/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-WiFi-Systems-PSV-2020-0049", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-26902", lastModified: "2024-11-21T05:20:27.097", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:15.463", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062352/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062352/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0041", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45585", lastModified: "2024-11-21T06:32:35.617", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.027", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064107/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0093", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064107/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0093", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA086E1-DB23-4130-B746-D56F5A188C3B", versionEndExcluding: "2.6.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1723D5F-FFDB-4E4D-80B7-4B28598D5895", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D041B9F-37E4-48A9-9841-85EFFF7FA1D1", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E6FDC1-BB17-454A-9B3A-5FB1F705C56B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a RBW30 versiones anteriores a 2.6.2.2, RBS40V versiones anteriores a 2.6.2.4, RBK852 versiones anteriores a 3.2.17.12, RBK853 versiones anteriores a 3.2.17.12, RBK854 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3. 2.17.12, RBK752 versiones anteriores a 3.2.17.12, RBK753 versiones anteriores a 3.2.17.12, RBK753S versiones anteriores a 3.2.17.12, RBK754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29067", lastModified: "2024-11-21T06:00:38.160", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:13.233", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una omisión de autenticación. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26926", lastModified: "2024-11-21T05:20:30.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:18.247", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062326/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0028", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062326/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0028", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45596", lastModified: "2024-11-21T06:32:37.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.533", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064140/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0516", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064140/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0516", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCA48F47-FC18-4953-BA90-1F4F3695A2BE", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC9EE9DE-DD58-46A9-87FB-D284EBE0ACC1", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0095B9D4-E161-4050-B283-2166CB86CB24", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0702F9B6-2DAC-4308-8737-9F85AD28E847", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94795476-184B-4E7D-9D8B-ECB45609108E", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E06EFF-9D71-43DB-A304-9A41998FD68A", versionEndExcluding: "1.0.11.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8491F80C-E57A-4862-B969-F43799A47D06", versionEndExcluding: "1.0.5.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4195BC65-A849-4C3A-B726-E013CEB57F32", versionEndExcluding: "1.0.4.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A662FDCF-DC41-4DC9-B77E-BE1D636AC0B3", versionEndExcluding: "1.0.4.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3AE70236-D1C6-4B58-8385-1FA5F71916AF", versionEndExcluding: "1.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA1BB56F-20B5-4A79-AE9D-429A011EAA4C", versionEndExcluding: "1.0.1.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29757651-068E-4646-AAD8-2CF8FD08B34C", versionEndExcluding: "1.1.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*", matchCriteriaId: "2A086E76-3F23-4C21-AC96-F11372A8A186", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1582E16D-ACEE-4E33-9D52-9DD25C035EA8", versionEndExcluding: "1.1.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*", matchCriteriaId: "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk83_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6934383-3E7A-46A5-8147-16C595604ADA", versionEndExcluding: "1.1.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk83:-:*:*:*:*:*:*:*", matchCriteriaId: "7C6C7ABC-87BF-4F20-8DAF-D9B9ACA4A273", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MR80 before 1.1.2.20, MS60 before 1.0.6.116, MS80 before 1.1.2.20, MK62 before 1.0.6.116, MK83 before 1.1.2.20, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, EAX20 versiones anteriores a 1.0.0.58, EAX80 versiones anteriores a 1.0.1.68, LAX20 versiones anteriores a 1.1.6.28, MR60 versiones anteriores a 1.0.6.116, MR80 versiones anteriores a 1.1.2.20, MS60 versiones anteriores a 1.0.6.116, MS80 versiones anteriores a 1.1.2.20, MK62 versiones anteriores a 1.0.6.116, MK83 versiones anteriores a 1. 1.2.20, R6400 versiones anteriores a 1.0.1.70, R6400v2 versiones anteriores a 1.0.4.106, R6700v3 versiones anteriores a 1.0.4.106, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1. 0.11.126, R7000P versiones anteriores a 1.3.3.140, R7850 versiones anteriores a 1.0.5.74, R7900 versiones anteriores a 1.0.4.46, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2. 84, R8000 versiones anteriores a 1.0.4.74, R8000P versiones anteriores a 1.4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4. 120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1. 0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17. 12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80, XR1000 versiones anteriores a 1.0.0.58 y XR300 versiones anteriores a 1.0.3.68", }, ], id: "CVE-2021-45620", lastModified: "2024-11-21T06:32:41.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.703", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | eax20_firmware | * | |
| netgear | eax20 | - | |
| netgear | eax80_firmware | * | |
| netgear | eax80 | - | |
| netgear | ex3700_firmware | * | |
| netgear | ex3700 | - | |
| netgear | ex3800_firmware | * | |
| netgear | ex3800 | - | |
| netgear | ex6120_firmware | * | |
| netgear | ex6120 | - | |
| netgear | ex6130_firmware | * | |
| netgear | ex6130 | - | |
| netgear | ex7500_firmware | * | |
| netgear | ex7500 | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62EFA314-85C0-48CC-938E-E2BF42B16746", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20A423A5-04E9-4323-9818-6C9B78065103", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "850D0AE9-A57C-47D3-9D44-7EE24E6F594D", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F747A14B-5331-428E-8B53-724090554E07", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a EAX20 versiones anteriores a 1.0.0.36, EAX80 versiones anteriores a 1.0.1.62, EX3700 versiones anteriores a 1.0.0.90, EX3800 versiones anteriores a 1.0.0.90, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, RBW30 versiones anteriores a 2.6.1.4, RBW40V versiones anteriores a 2.6.1.4. 6.1.4, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6 y RBS40V versiones anteriores a 2.6.1.4", }, ], id: "CVE-2021-45665", lastModified: "2024-11-21T06:32:49.553", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.3, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:20.780", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064120/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0247", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-21 18:15
Modified
2024-11-21 07:14
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbs750_firmware | 4.6.8.5 | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:4.6.8.5:*:*:*:*:*:*:*", matchCriteriaId: "7CE366C8-EEC7-4725-AA02-C4ED5E204E01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.", }, ], id: "CVE-2022-37337", lastModified: "2024-11-21T07:14:47.110", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "talos-cna@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-21T18:15:12.097", references: [ { source: "talos-cna@cisco.com", url: "https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.netgear.com/000065417/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0187", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1596", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "talos-cna@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RAX75 versiones anteriores a 1.0.3.106, RAX80 versiones anteriores a 1.0.3.106, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45538", lastModified: "2024-11-21T06:32:27.467", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:14.793", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064088/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0074", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064088/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0074", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rbk752 | - | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado . Esto afecta a RAX200 versiones anteriores a 1.0.3.106, RAX75 versiones anteriores a 1.0.3.106, RAX80 versiones anteriores a 1.0.3.106, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45537", lastModified: "2024-11-21T06:32:27.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:14.747", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064083/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0061", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064083/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0061", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | eax80_firmware | * | |
| netgear | eax80 | - | |
| netgear | ex3700_firmware | * | |
| netgear | ex3700 | - | |
| netgear | ex3800_firmware | * | |
| netgear | ex3800 | - | |
| netgear | ex6120_firmware | * | |
| netgear | ex6120 | - | |
| netgear | ex6130_firmware | * | |
| netgear | ex6130 | - | |
| netgear | ex7500_firmware | * | |
| netgear | ex7500 | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1344C924-0296-4F49-BF9F-113BB643CDD5", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20A423A5-04E9-4323-9818-6C9B78065103", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "850D0AE9-A57C-47D3-9D44-7EE24E6F594D", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F747A14B-5331-428E-8B53-724090554E07", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.64, EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, RBW30 before 2.6.1.4, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, EAX80 versiones anteriores a 1.0.1.64, EX3700 versiones anteriores a 1.0.0.90, EX3800 versiones anteriores a 1.0.0.90, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, RBW30 versiones anteriores a 2. 6.1.4, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6 y RBS40V versiones anteriores a 2.6.1.4", }, ], id: "CVE-2021-45666", lastModified: "2024-11-21T06:32:49.713", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.3, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:20.827", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064121/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0254", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064121/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0254", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26906", lastModified: "2024-11-21T05:20:27.713", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:16.463", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062348/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0048", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062348/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0048", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E56DEEC-4A36-4B33-951A-049D2582F7A4", versionEndExcluding: "2.6.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, RBW30 versiones anteriores a 2.6.2.2, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17. 12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12 y RBS40V versiones anteriores a 2.6.2.8", }, ], id: "CVE-2021-45507", lastModified: "2024-11-21T06:32:22.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.230", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064131/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064131/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0487", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-21 18:15
Modified
2024-11-21 07:12
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbs750_firmware | 4.6.8.5 | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:4.6.8.5:*:*:*:*:*:*:*", matchCriteriaId: "7CE366C8-EEC7-4725-AA02-C4ED5E204E01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.", }, ], id: "CVE-2022-36429", lastModified: "2024-11-21T07:12:59.513", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "talos-cna@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-21T18:15:11.970", references: [ { source: "talos-cna@cisco.com", url: "https://kb.netgear.com/000065424/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0188", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1597", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.netgear.com/000065424/Security-Advisory-for-Command-Injection-on-Some-Orbi-WiFi-Systems-PSV-2022-0188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1597", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1597", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-912", }, ], source: "talos-cna@cisco.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25, RBS850 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25 y RBS840 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14436", lastModified: "2024-11-21T05:03:16.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.750", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061933/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0039", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 00:16
Modified
2024-11-21 06:17
Severity ?
8.1 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.132, EX7320 before 1.0.0.132, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, R7800 before 1.0.2.78, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.6.2.4, RBS50Y before 2.6.1.40, RBW30 before 2.6.2.2, and XR500 before 2.3.2.114.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7001C735-233D-49D6-8289-38E5CCE6E8BA", versionEndExcluding: "2.5.0.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "831DEEB8-5BA1-48E6-882E-F31466516452", versionEndExcluding: "1.0.1.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", matchCriteriaId: "88DD070C-7CBD-48A5-8D77-7C3D1C502D65", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EF79426-64C8-4FAB-A199-AB7CB82FCD53", versionEndExcluding: "1.0.1.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", matchCriteriaId: "49846803-C6FB-4DD3-ADA7-78B9923536F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D22C6800-451D-472D-9E14-CBFBFD3BC6EC", versionEndExcluding: "1.0.0.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", matchCriteriaId: "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A60E332-CA18-4617-B7C1-4BE82470DE34", versionEndExcluding: "1.0.2.158", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", matchCriteriaId: "1289BBB4-1955-46A4-B5FE-BF11153C24F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF2A822-3756-4966-BFC2-3C69850023E2", versionEndExcluding: "1.0.0.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", matchCriteriaId: "946947C2-E4B2-4984-9233-4D4890E1BE07", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6BD99BE2-29BF-4BB5-A8C0-C5E8ACF37D87", versionEndExcluding: "1.0.0.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", matchCriteriaId: "C63267D8-4632-4D14-B39C-BEEC62AD8F87", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B53ACF6-D0A6-4C2B-AAE4-1FFABA43CE4C", versionEndExcluding: "1.0.0.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", matchCriteriaId: "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "374F6EAA-A607-4A8F-BA86-EA770BA99189", versionEndExcluding: "1.0.2.158", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", matchCriteriaId: "F285D60D-A5DA-4467-8F79-15EF8135D007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "374F6EAA-A607-4A8F-BA86-EA770BA99189", versionEndExcluding: "1.0.2.158", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", matchCriteriaId: "A44B9FAB-7EC4-4B2B-B3E5-A372645AE661", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16389368-58DD-4EC1-A7F2-398AFF6A1E41", versionEndExcluding: "1.0.0.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", matchCriteriaId: "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8DC1B77-994C-473C-AC97-7CC06341C607", versionEndExcluding: "1.0.0.216", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", matchCriteriaId: "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", versionEndExcluding: "1.0.1.232", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", matchCriteriaId: "8D9781C9-799A-4BDA-A027-987627A01633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "973084FA-72C8-4ADB-86B8-57C42FDB6569", versionEndExcluding: "1.0.2.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EC30751-F447-45A7-8C57-B73042869EA5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", matchCriteriaId: "D5465A78-4826-4F72-9CBE-528CBF286A79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8246B8D3-8455-43B1-B0FA-F677B8FF84F5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", matchCriteriaId: "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28DA498C-B466-422E-BAD2-A1F9A15B157F", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", matchCriteriaId: "32BAB5C0-F645-4A90-833F-6345335FA1AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72FDDB4-0802-467B-A255-06C8CE1A0B92", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C80BEFF8-7094-4F21-B9E7-EE5C8B9DF3B3", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04F03BE5-1440-4BC4-B902-97E702ED0ADF", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09631703-25CD-40CB-80A8-AADD43939507", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E21623E-9977-486F-93B1-858FC407E9D1", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A32769CF-7D0A-4A3F-AF20-6202CA0C6870", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E3BFCB-BFF8-4722-BE48-5FA93CACD3AD", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39D6318D-F5A2-4469-B508-075F2825F0FA", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F44708A-C946-4E0F-9D6C-A91AFB4C9EF3", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA086E1-DB23-4130-B746-D56F5A188C3B", versionEndExcluding: "2.6.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9E75105-CB35-4983-8CC0-98699AAA63BE", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", matchCriteriaId: "27F93A76-6EFF-4DA6-9129-4792E2C125D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4476F0C6-0A7D-4735-940C-F5C75316EEE9", versionEndExcluding: "2.3.2.114", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.132, EX7320 before 1.0.0.132, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, R7800 before 1.0.2.78, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.6.2.4, RBS50Y before 2.6.1.40, RBW30 before 2.6.2.2, and XR500 before 2.3.2.114.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.14, EX6100v2 versiones anteriores a 1.0.1.98, EX6150v2 versiones anteriores a 1.0.1.98, EX6250 versiones anteriores a 1.0.0.132, EX6400 versiones anteriores a 1.0.2.158, EX6400v2 versiones anteriores a 1.0.0.132, EX6410 versiones anteriores a 1.0.0.132, EX6420 versiones anteriores a 1.0.0.132, EX7300 versiones anteriores a 1. 0.2.158, EX7300v2 versiones anteriores a 1.0.0.132, EX7320 versiones anteriores a 1.0.0.132, EX7700 versiones anteriores a 1.0.0.216, EX8000 versiones anteriores a 1.0.1.232, R7800 versiones anteriores a 1.0.2.78, RBK12 versiones anteriores a 2.6.1.44, RBR10 versiones anteriores a 2.6.1.44, RBS10 versiones anteriores a 2.6.1.44, RBK20 versiones anteriores a 2. 6.1.38, RBR20 versiones anteriores a 2.6.1.36, RBS20 versiones anteriores a 2.6.1.38, RBK40 versiones anteriores a 2.6.1.38, RBR40 versiones anteriores a 2.6.1.36, RBS40 versiones anteriores a 2.6.1.38, RBK50 versiones anteriores a 2.6.1.40, RBR50 versiones anteriores a 2.6.1.40, RBS50 versiones anteriores a 2.6.1.40, RBK752 versiones anteriores a 3.2.16. 6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBS40V versiones anteriores a 2.6.2.4, RBS50Y versiones anteriores a 2.6.1.40, RBW30 versiones anteriores a 2.6.2.2 y XR500 versiones anteriores a 2.3.2.114", }, ], id: "CVE-2021-38527", lastModified: "2024-11-21T06:17:20.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T00:16:18.947", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063778/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Extenders-Routers-and-WiFi-Systems-PSV-2020-0025", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063778/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Extenders-Routers-and-WiFi-Systems-PSV-2020-0025", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 00:15
Modified
2024-11-21 06:17
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4F36AC74-11DB-4805-9B73-302F86A8C240", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E84B61C3-54CA-4127-AE6B-E63AB51E0C85", versionEndExcluding: "1.0.0.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A0D49BA-4843-4F7E-984A-FF7BDF292F56", versionEndExcluding: "1.0.0.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*", matchCriteriaId: "D8780623-F362-4FA5-8B33-37E9CB3FEE12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A6C9089-563D-4345-90C7-D2D512382BF1", versionEndExcluding: "1.0.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DF302FA-84AA-4863-B30F-7E4364CD098C", versionEndExcluding: "1.0.3.43", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7587473-93CA-4998-9D73-0E936E425F23", versionEndExcluding: "1.0.0.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "373DD028-D307-4B4A-9C35-DDC9366F481F", versionEndExcluding: "1.0.0.108", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200:v4:*:*:*:*:*:*:*", matchCriteriaId: "099184A0-F1C6-4C3F-9C3B-F0B9AC0D4D14", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA9F2B44-4114-495A-B200-B703FDFC3F8F", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A25B8627-D325-493B-8B7D-4F900334F0D8", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81ED6C61-2A7C-49EC-BD3D-466442EF715C", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "448D7EA1-A7BB-4AA5-8260-1D533D6A99AC", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1525B9D0-B147-437D-ACAE-58819A1F4FC6", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4515F985-B714-480C-8FBA-2499A29F29FA", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CC5263E-71E4-4B63-AD77-D1E72DC704B0", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D130E198-E9F5-4250-9C52-E39DF5C96711", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08426AC6-4811-43E8-87EB-204A2729C49B", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "973CBC26-395C-407F-937B-4E9D2DBE282C", versionEndExcluding: "1.0.0.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*", matchCriteriaId: "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "38FE855A-C695-4D0B-98C8-1D09265F0092", versionEndExcluding: "1.0.0.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*", matchCriteriaId: "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A26A8815-5A8C-499B-8B30-90ADA47DA3C6", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", matchCriteriaId: "D18D2CCD-424F-41D5-919B-E22B9FA68D36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "220EBC67-69DA-43D6-8B09-EBEEEF29679D", versionEndExcluding: "1.1.0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", matchCriteriaId: "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9466A450-0351-4B2D-B816-6A1B6F4F34B9", versionEndExcluding: "1.1.0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", matchCriteriaId: "C91CADFA-59DB-4B6C-A914-848884F4A4BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1DD1F7D-7556-4B95-A33F-E389948D20AA", versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF20BDF1-ADE3-4C82-8E11-C720DA0BCD26", versionEndExcluding: "1.1.0.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*", matchCriteriaId: "3C395D49-57F9-4BC1-8619-57127355B86B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0BC2E51-CD2D-43F2-B4BF-D2487673487D", versionEndExcluding: "1.1.0.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*", matchCriteriaId: "598B48C5-4706-4431-8C5A-DA496DD1052F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "256D5AB2-9B04-4569-84F3-ACA6B8283176", versionEndExcluding: "1.1.0.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*", matchCriteriaId: "4B302909-29CF-4E53-9CCB-8664D3FCB03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91532716-831D-401C-8707-86785F0A4E16", versionEndExcluding: "1.0.2.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", matchCriteriaId: "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73CE0588-37C3-48C1-B013-3277CCE4EF98", versionEndExcluding: "1.0.2.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*", matchCriteriaId: "5A09A9E8-8C77-4EDB-9483-B3C540EF083A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A4FB8A1-D380-4234-88EB-91BFF6D215C7", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*", matchCriteriaId: "9F9706E6-CA53-43E4-91B0-D52655C86860", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3C39CE79-6433-47E2-A439-9AB1DFBD843C", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", matchCriteriaId: "09404083-B00B-4C1F-8085-BC242E625CA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DB6992BA-B0F5-4E00-84F4-0B0336910AFA", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*", matchCriteriaId: "2E8EB69B-6619-47B6-A073-D0B840D4EB0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E453D3AE-A218-4791-BB19-79C2CF6EC6F8", versionEndExcluding: "1.0.9.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52A6DEB2-3A33-4184-866D-9C8D9DD991C6", versionEndExcluding: "1.3.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90805FFE-E59D-43D2-BF1E-D55458CF05BF", versionEndExcluding: "1.3.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B484FA9-17B9-4829-9152-83691EE6A9BB", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6DC5CA05-2101-4C3A-9E04-D977EBEA9B0B", versionEndExcluding: "1.2.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*", matchCriteriaId: "FECB83F9-D417-4FD3-B293-87BC177E3AEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E355B76-0211-452E-8A1B-F5C7B8CD4782", versionEndExcluding: "1.2.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*", matchCriteriaId: "AFD1A65C-F10F-4C52-8B6D-69992E512EB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08D8DE61-6C45-48DC-9914-10CDB3273FFA", versionEndExcluding: "1.2.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*", matchCriteriaId: "1F68AC3B-A31F-4AB0-89E9-BFFDE427AD3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "153A698C-B517-4B5B-B7AB-D2A50F461213", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*", matchCriteriaId: "6DA5420D-DD64-4A9C-9B5F-784F0ED2B464", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E46DF93A-4331-4AC2-A45F-7A729441C395", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*", matchCriteriaId: "A80B06A1-81B5-4C33-89F6-EC3F6E3068B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE12CDFB-D0CD-451A-A52F-90F907ADDAEF", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*", matchCriteriaId: "6B25A18F-DD96-45FE-B098-71E60CB0FFFE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "38297D93-B613-4E6C-9C35-2C3A45E72A2F", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*", matchCriteriaId: "2BFCD9A8-1846-48C4-9F14-3866E983FB74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "536487B8-FF04-4526-BE91-44437256525C", versionEndExcluding: "1.0.3.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*", matchCriteriaId: "2E0DFBF4-E393-44AE-AEF9-1B2059EE5AE8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9D54BE2-47EB-48F1-A6D0-FB0A2F5094C4", versionEndExcluding: "1.0.2.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845CF217-8361-4D5B-811D-B9CEB68880CB", versionEndExcluding: "1.0.3.8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "24B5561C-CB98-45BE-A39D-0C1CD8DFFA1A", versionEndExcluding: "1.4.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "98FAEBDA-5FBA-402D-9BA1-25E5DF4EF55F", versionEndExcluding: "1.0.4.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BBB7E16-D31C-49EA-9D82-D3BACED95441", versionEndExcluding: "1.4.1.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6791754E-E5F9-42EA-AFDA-F93E8227A7C8", versionEndExcluding: "1.4.1.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F52E74FF-6E04-4F96-966C-4355B38CF4DE", versionEndExcluding: "1.0.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2110965C-E19B-48D2-954D-145C45D0E7EF", versionEndExcluding: "1.0.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79E7E940-B043-40A7-9347-331DF006656E", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0960178A-5EC8-4C53-8AA2-060025782DC0", versionEndExcluding: "1.2.0.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*", matchCriteriaId: "C8DE4BFA-41DE-4748-ACC7-14362333A059", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "804E18F1-4621-4650-9015-49A9137A0C39", versionEndExcluding: "2.3.2.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29216B3A-9A3B-4752-99C2-4A9CFA8E5E26", versionEndExcluding: "2.3.2.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una falta de control de acceso a nivel de función. Esto afecta a D6220 versiones anteriores a 1.0.0.48, D6400 versiones anteriores a 1.0.0.82, D7000v2 versiones anteriores a 1.0.0.52, D7800 versiones anteriores a 1.0.1.44, D8500 versiones anteriores a 1.0.3.43, DC112A versiones anteriores a 1.0.0.40, DGN2200v4 versiones anteriores a 1.0.0.108, RBK50 versiones anteriores a 2.3.0.32, RBR50 versiones anteriores a 2.3.0.32, RBS50 versiones anteriores a 2.3.0.32, RBK20 versiones anteriores a 2.3.0.28, RBR20 versiones anteriores a 2.3.0.28, RBS20 versiones anteriores a 2.3.0.28, RBK40 versiones anteriores a 2.3.0.28, RBR40 versiones anteriores a 2.3.0.28, RBS40 versiones anteriores a 2.3.0.28, R6020 versiones anteriores a 1.0.0.34, R6080 versiones anteriores a 1.0.0.34, R6120 versiones anteriores a 1.0.0.44, R6220 versiones anteriores a 1.1.0.80, R6230 versiones anteriores a 1.1.0.80, R6250 versiones anteriores a 1.0.4.34, R6260 versiones anteriores a 1.1.0.40, R6850 versiones anteriores a 1.1.0.40, R6350 versiones anteriores a 1.1.0.40, R6400v2 versiones anteriores a 1.0.2.62, R6700v3 versiones anteriores a 1.0.2.62, R6700v2 versiones anteriores a 1.2.0.36, R6800 versiones anteriores a 1.2.0.36, R6900v2 versiones anteriores a 1.2.0.36, R7000 versiones anteriores a 1.0.9.34, R6900P versiones anteriores a 1.3.1.44, R7000P versiones anteriores a 1.3.1.44, R7100LG versiones anteriores a 1.0.0.48, R7200 versiones anteriores a 1.2.0.48, R7350 versiones anteriores a 1.2.0.48, R7400 versiones anteriores a 1.2.0.48, R7450 versiones anteriores a 1.2.0.36, AC2100 versiones anteriores a 1.2.0.36, AC2400 versiones anteriores a 1.2.0.36, AC2600 versiones anteriores a 1.2.0.36, R7500v2 versiones anteriores a 1.0.3.38, R7800 versiones anteriores a 1.0.2.58, R7900 versiones anteriores a 1.0.3.8, R7960P versiones anteriores a 1.4.1.44, R8000 versiones anteriores a 1.0.4.28, R7900P versiones anteriores a 1.4.1.30, R8000P versiones anteriores a 1.4.1.30, R8900 versiones anteriores a 1.0.4.2, R9000 versiones anteriores a 1.0.4.2, RAX120 versiones anteriores a 1.0.0.74, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, WNR3500Lv2 versiones anteriores a 1.2.0.56, XR450 versiones anteriores a 2.3.2.32, and XR500 versiones anteriores a 2.3.2.32", }, ], id: "CVE-2021-38516", lastModified: "2024-11-21T06:17:18.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T00:15:25.580", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063780/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2020-0273", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063780/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Routers-Gateways-and-WiFi-Systems-PSV-2020-0273", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14440", lastModified: "2024-11-21T05:03:16.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:13.140", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061943/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0065", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45560", lastModified: "2024-11-21T06:32:31.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.847", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064081/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064081/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0057", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1723D5F-FFDB-4E4D-80B7-4B28598D5895", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D041B9F-37E4-48A9-9841-85EFFF7FA1D1", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E6FDC1-BB17-454A-9B3A-5FB1F705C56B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un usuario autenticado. Esto afecta a RBW30 versiones anteriores a 2.6.2.2, RBK852 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17. 12, RBK752 versiones anteriores a 3.2.17.12, RBK753 versiones anteriores a 3.2.17.12, RBK753S versiones anteriores a 3.2.17.12, RBK754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29075", lastModified: "2024-11-21T06:00:39.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:13.857", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063010/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0466", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45566", lastModified: "2024-11-21T06:32:32.407", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.130", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064087/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0070", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064087/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0070", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de credenciales administrativas. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14428", lastModified: "2024-11-21T05:03:14.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061936/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0044", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D7800 before 1.0.3.48, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, DM200 before 1.0.0.66, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX2700 before 1.0.1.58, EX3110 before 1.0.1.68, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100v2 before 1.0.1.94, EX6110 before 1.0.1.68, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150v1 before 1.0.0.46, EX6150v2 before 1.0.1.94, EX6200v1 before 1.0.3.94, EX6250 before 1.0.0.128, EX6400 before 1.0.2.152, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7300 before 1.0.2.152, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, EX7500 before 1.0.0.68, EX7700 before 1.0.0.210, EX8000 before 1.0.1.224, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.42, R6260 before 1.1.0.76, R6300v2 before 1.0.4.42, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400v1 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v1 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900 before 1.0.2.16, R6900P before 1.3.2.124, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7500v2 before 1.0.3.48, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.5.24, RAX35 before 1.0.3.80, RAX40 before 1.0.3.80, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.38, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.5.1.6, RBS40V-200 before 1.0.0.46, RBS50Y before 2.6.1.40, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3000RPv3 before 1.0.2.86, WN3500RPv1 before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C1280B1-A2DF-4CAB-AB19-6B463206AA3D", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*", matchCriteriaId: "A80B06A1-81B5-4C33-89F6-EC3F6E3068B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76C658A4-BF82-40CE-A5E1-C9F3DA1A9B0B", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*", matchCriteriaId: "6B25A18F-DD96-45FE-B098-71E60CB0FFFE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A3A6655-B468-46FB-84D7-2294D4243C91", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*", matchCriteriaId: "2BFCD9A8-1846-48C4-9F14-3866E983FB74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C3B3284-B11F-4752-9C6A-0B5BECA3DB2B", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "E526746E-1ED6-492E-B28C-A1CA8235D9FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "762CAE87-3C98-4DB8-9B3D-5CCC3D555004", versionEndExcluding: "1.0.0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2A04BB9-E816-49B5-B539-4B36A5CFFA22", versionEndExcluding: "1.0.0.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F4BC21D-8354-4C71-BE68-9D1A14A9471F", versionEndExcluding: "1.0.0.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3DCFE88-1262-43BF-88BB-B26658EDEDF1", versionEndExcluding: "1.0.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93A32171-41B3-43DF-9027-51382D83158A", versionEndExcluding: "1.0.3.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F3F88DD-CE38-45A8-990A-4770A480D1BF", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D989E9B-5626-4238-877A-FFB0FC1C6352", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE1AC249-D64C-4E61-A22A-1498712D2758", versionEndExcluding: "1.0.0.114", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*", matchCriteriaId: "0BE59214-C8A1-4337-A54C-E4E8C149B241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFD91F26-5253-4A05-AB69-94CB2C416F83", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62EFA314-85C0-48CC-938E-E2BF42B16746", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F81FC1BC-5186-4642-AD43-459C707B18CB", versionEndExcluding: "1.0.1.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "16871358-4EF4-4517-BA05-6ED135691566", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3110:-:*:*:*:*:*:*:*", matchCriteriaId: "3C254694-4C37-4C5E-BF1C-06EC09BDCA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "953A4436-6F98-494C-B184-354E577F8E59", versionEndExcluding: "1.0.0.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF7B1DD1-E197-461C-9537-C6D1DF2F6D7D", versionEndExcluding: "1.0.0.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3920_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33BDAF99-3E64-427E-ACAF-AEFB75401C72", versionEndExcluding: "1.0.0.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3920:-:*:*:*:*:*:*:*", matchCriteriaId: "E576341B-2426-4F4D-8DF4-0A6D462656A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EDB99B74-2E41-4986-96BB-B728ED32405B", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*", matchCriteriaId: "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93543159-8F91-471D-BBE8-2956520DBD71", versionEndExcluding: "1.0.1.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", matchCriteriaId: "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6110_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E7EBD31-5A65-442D-B7BD-B8A20BE37C20", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6110:-:*:*:*:*:*:*:*", matchCriteriaId: "04329A16-D96D-4E1D-8AC9-EA3882F1DC41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D1AA1E29-118C-4299-91FA-2C8584EC6F6C", versionEndExcluding: "1.0.0.54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B845CEBF-A8A2-474B-9094-43AA53560150", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150v1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3141B266-38D7-43DB-B3CD-750D491F0AEA", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150v1:-:*:*:*:*:*:*:*", matchCriteriaId: "8FD610F2-64B7-4141-A387-69A2A97C20CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9B1AB33-CF18-4774-81F9-7ADA5819F8E8", versionEndExcluding: "1.0.1.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5828F04B-E373-4E4F-942D-08CCA038418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6200v1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34961F45-369E-4344-A498-CF822A1503F9", versionEndExcluding: "1.0.3.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6200v1:-:*:*:*:*:*:*:*", matchCriteriaId: "AA1A7496-E8F3-48CA-965B-367B3C33F962", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DB1C84E8-B947-4850-9D66-E306557DC316", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", matchCriteriaId: "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CFA90DB-6949-4743-9B63-F1E73B28C7D0", versionEndExcluding: "1.0.2.152", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", matchCriteriaId: "1289BBB4-1955-46A4-B5FE-BF11153C24F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "22C5E2C9-E8DA-478A-B3B1-2C0038B5D560", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5882095F-B22A-4937-BA08-6640140F10AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DD3A7D2-75CE-4C67-AAE2-75F09653DFA7", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", matchCriteriaId: "C63267D8-4632-4D14-B39C-BEEC62AD8F87", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6920_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF964D1-1FCE-467B-8B7F-8189CDF728D4", versionEndExcluding: "1.0.0.54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6920:-:*:*:*:*:*:*:*", matchCriteriaId: "65914D7F-39EA-489B-8DE7-8547AFC05F64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A096742-1FFA-4C19-B697-EC5154411CF2", versionEndExcluding: "1.0.1.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79610A3C-B1B8-4E1A-B46B-25F58670A759", versionEndExcluding: "1.0.2.152", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", matchCriteriaId: "F285D60D-A5DA-4467-8F79-15EF8135D007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3B1295F-3207-4DF4-BA5B-0DE7AB289636", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "0A88D2A3-3B22-4639-94E9-69CE80F37392", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EE4BFF4-42DA-4A09-892E-6FBBE72B28A6", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", matchCriteriaId: "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B59B0C17-2714-48E8-8911-E72488CE32E3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6566C37A-252E-4301-952E-5C6F19F42326", versionEndExcluding: "1.0.0.210", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", matchCriteriaId: "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "456DA66C-6B99-4D0D-8F32-952905F9C752", versionEndExcluding: "1.0.1.224", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", matchCriteriaId: "8D9781C9-799A-4BDA-A027-987627A01633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7658849-0743-487B-803F-D49680EDF185", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E18CCBB-46CD-423D-AA66-36F223EFD6E6", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07A1D7A9-29E9-4B1D-90DB-24E0967C9BC7", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F898DC9-9250-47DF-844C-F7308365135B", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", matchCriteriaId: "D18D2CCD-424F-41D5-919B-E22B9FA68D36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79B24229-6AC2-489D-B542-4DAA7E630180", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", matchCriteriaId: "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B5B842D-2275-4968-997B-A70A67CBDBEC", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", matchCriteriaId: "C91CADFA-59DB-4B6C-A914-848884F4A4BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CE369F2-053B-4F67-B295-54EE41C6C4DA", versionEndExcluding: "1.0.4.42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23D4F7E6-C042-434E-87B8-55DB18B08B0A", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*", matchCriteriaId: "3C395D49-57F9-4BC1-8619-57127355B86B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD8455EE-AFAD-445D-910B-E8D9F02E8B1B", versionEndExcluding: "1.0.4.42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7909744D-FE9B-49D1-ADB3-029CCC432A47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6524B85E-23AC-4983-8331-96E12899B773", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6330:-:*:*:*:*:*:*:*", matchCriteriaId: "D621D26D-B144-424A-A9CB-19488399ACC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F105F6F-ECD3-411D-924E-94BCF036C1EA", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6350:-:*:*:*:*:*:*:*", matchCriteriaId: "4B302909-29CF-4E53-9CCB-8664D3FCB03A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C48E07DA-A6D2-4035-BC2B-DC257148A259", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v1:-:*:*:*:*:*:*:*", matchCriteriaId: "39608E61-7E2C-49AA-9719-A40095B1C8A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E32C097-6EDF-4C81-A375-028DB67B6231", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "715A8158-B6A6-43FF-A0C0-0871EAB07667", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v1:-:*:*:*:*:*:*:*", matchCriteriaId: "A4187FD4-8045-4C00-A8F2-D37B5549E716", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9C5AB644-B80D-48A3-B794-C483FEFAFDED", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*", matchCriteriaId: "C9793286-86D2-43BF-B9B8-823C05BCAE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCCFD041-9413-4E37-8C4D-F50D1B10582B", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8956A99-1071-42A7-8984-D7134E755CBF", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", matchCriteriaId: "09404083-B00B-4C1F-8085-BC242E625CA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8956A99-1071-42A7-8984-D7134E755CBF", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", matchCriteriaId: "09404083-B00B-4C1F-8085-BC242E625CA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3408536D-FC77-48C5-AD15-C5A170D7417C", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6850:-:*:*:*:*:*:*:*", matchCriteriaId: "598B48C5-4706-4431-8C5A-DA496DD1052F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1D59AC0-2859-46C0-B050-3BB8E3E9CB06", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", matchCriteriaId: "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DE3850-1661-43D1-9E52-31E2E01979EE", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02672757-31FD-4338-AF2C-63FD1D7C1A19", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*", matchCriteriaId: "A9FC6398-60A5-4003-A294-C96AE6DBCED5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D208F2CA-DB20-4C82-8FFF-B99EBFE29713", versionEndExcluding: "1.0.11.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8841DA90-D1B1-40EB-809D-14C014337AAB", versionEndExcluding: "1.0.0.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02279B20-D951-46CE-B339-452BC585A4F3", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7200:-:*:*:*:*:*:*:*", matchCriteriaId: "FECB83F9-D417-4FD3-B293-87BC177E3AEB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B452611A-43C5-401B-95BD-189020B5C65C", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7350:-:*:*:*:*:*:*:*", matchCriteriaId: "AFD1A65C-F10F-4C52-8B6D-69992E512EB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "237C68C0-C2A9-4F71-9E08-547F2A317CBC", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7400:-:*:*:*:*:*:*:*", matchCriteriaId: "1F68AC3B-A31F-4AB0-89E9-BFFDE427AD3B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63697E3A-AAA3-42E7-8116-93C6548D3AB7", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*", matchCriteriaId: "6DA5420D-DD64-4A9C-9B5F-784F0ED2B464", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C745B393-CC8D-4F88-A6EB-2788E1A4BAF9", versionEndExcluding: "1.0.3.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C393DBF4-8281-4611-B591-CDB9DF0AA958", versionEndExcluding: "1.0.2.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4171EB00-3664-43D5-9B62-A3538C358142", versionEndExcluding: "1.0.5.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9800CB2-C14A-406B-B1FF-B1B62862EBDB", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44537647-E0B2-477D-98A5-7EA850BF3321", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA8D0327-0A72-44EC-9CC2-6CAF6A0C08B2", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F030129E-95C6-4C31-92A6-DABCDC1B534B", versionEndExcluding: "1.0.4.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B377E02-0228-4A2F-90F3-A82E7E964B37", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6324787-AE71-423A-B853-8B22CA3A5294", versionEndExcluding: "1.0.2.134", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72C4B203-565A-43BC-9800-274060CE23F2", versionEndExcluding: "1.0.2.134", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57314D03-64B1-4973-9D36-5D22A71DBCBB", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DCE56F2-5A45-4B31-99EF-1D8455C71E5C", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B697A877-214C-4701-AA9B-FE9C23FDBCEB", versionEndExcluding: "1.0.1.136", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33505A97-35DB-4EFD-9D47-EA03057C8FFD", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29FB835A-73C6-4F5D-A0F0-C37914B706E7", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD0FE36F-5D34-4872-8A2F-DC5B4710E807", versionEndExcluding: "1.0.3.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35:-:*:*:*:*:*:*:*", matchCriteriaId: "4201E4D6-4DDF-4EF3-902A-960DFFF7C9A4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "785CFF3A-013C-4068-B98E-9B0FAA02BB33", versionEndExcluding: "1.0.3.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40:-:*:*:*:*:*:*:*", matchCriteriaId: "13D54346-4B03-4296-B050-04EB8CFCA732", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A3B894E-E712-477A-9960-30AFAB2C35CF", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AE85C-74C4-42C1-BF54-89B6EC38C707", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EC30751-F447-45A7-8C57-B73042869EA5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", matchCriteriaId: "D5465A78-4826-4F72-9CBE-528CBF286A79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8246B8D3-8455-43B1-B0FA-F677B8FF84F5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", matchCriteriaId: "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28DA498C-B466-422E-BAD2-A1F9A15B157F", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", matchCriteriaId: "32BAB5C0-F645-4A90-833F-6345335FA1AF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E72FDDB4-0802-467B-A255-06C8CE1A0B92", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C80BEFF8-7094-4F21-B9E7-EE5C8B9DF3B3", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04F03BE5-1440-4BC4-B902-97E702ED0ADF", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09631703-25CD-40CB-80A8-AADD43939507", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01A3914A-ABAC-4227-BCA1-DB0AAD559494", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A32769CF-7D0A-4A3F-AF20-6202CA0C6870", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E3BFCB-BFF8-4722-BE48-5FA93CACD3AD", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39D6318D-F5A2-4469-B508-075F2825F0FA", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F44708A-C946-4E0F-9D6C-A91AFB4C9EF3", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C6DF5F-FEFB-4A30-87CC-379E726AE181", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "451C5603-927A-4EB9-BF9D-150FE16A48F8", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B22B149-BD16-42A0-BB1D-DEF483F6B5E1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4187AE9D-C676-4C41-8DFF-8FDC65D2475C", versionEndExcluding: "2.5.1.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCFCED24-A687-4C5E-BE2E-60C2189254CF", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v-200:-:*:*:*:*:*:*:*", matchCriteriaId: "935C7519-678D-4C40-BD35-3F281890C7C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9E75105-CB35-4983-8CC0-98699AAA63BE", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", matchCriteriaId: "27F93A76-6EFF-4DA6-9129-4792E2C125D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "993FD563-493C-460C-B379-E02A90295434", versionEndExcluding: "2.5.0.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "921A8CFC-D86E-4674-998E-31F4F956B5DC", versionEndExcluding: "1.5.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn2500rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9FCAF1C-DB77-402B-98D2-8C3FE7DBA8FF", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn2500rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "65FACC9E-3E0E-4416-9280-706F4FCE436A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E605C33E-0339-4248-9010-D1728C47861A", versionEndExcluding: "1.0.2.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", matchCriteriaId: "958243A2-6829-464F-80EA-7DD5B6F0DD7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3500rpv1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F357E3F-EDEB-4110-80AD-2061BB9CA066", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3500rpv1:-:*:*:*:*:*:*:*", matchCriteriaId: "F68F9615-B36A-45BA-8296-390321C050C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6803A2E5-5BCE-4DE6-A0EB-3463C81FAD0C", versionEndExcluding: "1.0.1.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*", matchCriteriaId: "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr1000v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5464DA45-2B33-430F-A16E-B1FE072B1376", versionEndExcluding: "1.0.2.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr1000v3:-:*:*:*:*:*:*:*", matchCriteriaId: "252E5C7B-EF02-4374-A43E-02FAA9E697D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01374C4A-4D12-4E77-AF7C-459C32C3579B", versionEndExcluding: "1.2.0.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "31247E55-E754-46D0-9A46-B0D319C21221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D71EDB94-370B-46C3-A14E-3F3FB130DD49", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "051E8D2A-0EB0-43A7-9AAA-8519B8CC7FE0", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BCFB551-95C6-4EEF-83F0-4246F67E6668", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89AB672D-DD24-483E-B69D-7E46AF199483", versionEndExcluding: "1.0.1.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", matchCriteriaId: "E12892C8-5E01-49A6-BF47-09D630377093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before 1.0.0.80, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D7800 before 1.0.3.48, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, DM200 before 1.0.0.66, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX2700 before 1.0.1.58, EX3110 before 1.0.1.68, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100v2 before 1.0.1.94, EX6110 before 1.0.1.68, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150v1 before 1.0.0.46, EX6150v2 before 1.0.1.94, EX6200v1 before 1.0.3.94, EX6250 before 1.0.0.128, EX6400 before 1.0.2.152, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7300 before 1.0.2.152, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, EX7500 before 1.0.0.68, EX7700 before 1.0.0.210, EX8000 before 1.0.1.224, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.42, R6260 before 1.1.0.76, R6300v2 before 1.0.4.42, R6330 before 1.1.0.76, R6350 before 1.1.0.76, R6400v1 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v1 before 1.0.2.16, R6700v2 before 1.2.0.72, R6700v3 before 1.0.4.98, R6800 before 1.2.0.72, R6800 before 1.2.0.72, R6850 before 1.1.0.76, R6900 before 1.0.2.16, R6900P before 1.3.2.124, R6900v2 before 1.2.0.72, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, R7500v2 before 1.0.3.48, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.5.24, RAX35 before 1.0.3.80, RAX40 before 1.0.3.80, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK12 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, RBK20 before 2.6.1.38, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.38, RBR40 before 2.6.1.38, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V before 2.5.1.6, RBS40V-200 before 1.0.0.46, RBS50Y before 2.6.1.40, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3000RPv3 before 1.0.2.86, WN3500RPv1 before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, XR300 before 1.0.3.50, XR450 before 2.3.2.66, XR500 before 2.3.2.66, and XR700 before 1.0.1.34.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una configuración incorrecta de los ajustes de seguridad. Esto afecta a AC2100 versiones < 1.2.0.72, AC2400 versiones < 1.2.0.72, AC2600 versiones < 1.2.0.72, CBK40 versiones < 2.5.0.10, CBR40 versiones < 2.5.0.10, D6000 versiones < 1.0.0.80, D6220 versiones < 1.0.0.60, D6400 versiones < 1.0.0.94, D7000v2 versiones < 1.0.0.62, D7800 versiones < 1.0.3.48, D8500 versiones < 1.0.3.50, DC112A versiones < 1.0.0.48, DGN2200v4 versiones < 1.0.0.114, DM200 versiones < 1.0.0.66, EAX20 versiones < 1.0.0.36, EAX80 versiones < 1.0.1.62, EX2700 versiones < 1.0.1.58, EX3110 versiones < 1.0.1.68, EX3700 versiones < 1.0.0.84, EX3800 versiones < 1.0.0.84, EX3920 versiones < 1.0.0.84, EX6000 versiones < 1.0.0.44, EX6100v2 versiones < 1.0.1.94, EX6110 versiones < 1.0.1.68, EX6120 versiones < 1.0. 0.54, EX6130 versiones < 1.0.0.36, EX6150v1 versiones < 1.0.0.46, EX6150v2 versiones < 1.0.1.94, EX6200v1 versiones < 1.0.3.94, EX6250 versiones < 1.0.0.128, EX6400 versiones < 1.0.2.152, EX6400v2 versiones < 1.0.0.128, EX6410 versiones < 1.0.0.128, EX6920 versiones < 1.0.0.54, EX7000 versiones < 1.0.1.90, EX7300 versiones < 1.0.2.152, EX7300v2 versiones < 1.0.0.128, EX7320 versiones < 1.0.0.128, EX7500 versiones < 1.0.0.68, EX7700 versiones < 1.0.0.210, EX8000 antes e 1.0.1.224, MK62 versiones < 1.0.5.102, MR60 versiones < 1.0.5.102, MS60 versiones < 1.0.5.102, R6120 versiones < 1.0.0.70, R6220 versiones < 1.1.0.100, R6230 versiones < 1.1.0.100, R6250 versiones < 1.0.4.42, R6260 versiones < 1.1 .0.76, R6300v2 versiones < 1.0.4.42, R6330 versiones < 1.1.0.76, R6350 versiones < 1.1.0.76, R6400v1 versiones < 1.0.1.62, R6400v2 versiones < 1.0.4.98, R6700v1 versiones < 1.0.2.16, R6700v2 versiones < 1.2.0.72, R6700v3 versiones < 1.0.4.98, R6800 versiones < 1.2.0.72, R6800 antes 1.2.0.72, R6850 versiones < 1.1.0.76, R6900 versiones < 1.0.2.16, R6900P versiones < 1.3.2.124, R6900v2 versiones < 1.2.0.72, R7000 versiones < 1.0.11.106, R7000P versiones < 1.3.2.124, R7100LG versiones < 1.0.0.56, R7200 versiones < 1.2. 0.72, R7350 versiones < 1.2.0.72, R7400 versiones < 1.2.0.72, R7450 versiones < 1.2.0.72, R7500v2 versiones < 1.0.3.48, R7800 versiones < 1.0.2.74, R7850 versiones < 1.0.5.60, R7900 versiones < 1.0.4.26, R7900P versiones < 1.4.1.62, R7960P versiones < 1.4.1.62, R8000 versiones < 1.0.4.58, R8000P versiones < 1.4.1.62, R8300 versiones < 1.0.2.134, R8500 versiones < 1.0.2.134, R8900 versiones < 1.0.5.24, R9000 versiones < 1.0.5.24, RAX120 versiones < 1.0.1.136, RAX15 versiones < 1.0.1.64, RAX20 versiones < 1.0.1.64, RAX200 versiones < 1.0.5.24, RAX35 versiones < 1.0.3.80, RAX40 versiones < 1.0.3.80, RAX45 versiones < 1.0.2.64, RAX50 versiones < 1.0.2.64, RAX75 versiones < 1.0.3.102, RAX80 versiones < 1.0. 3.102, RB K12 versiones < 2.6.1.44, RBR10 versiones < 2.6.1.44, RBS10 versiones < 2.6.1.44, RBK20 versiones < 2.6.1.38, RBR20 versiones < 2.6.1.36, RBS20 versiones < 2.6.1.38, RBK40 versiones < 2.6.1.38, RBR40 versiones < 2.6.1.38, RBS40 antes 2.6.1.38, RBK50 versiones < 2.6.1.40, RBR50 versiones < 2.6.1.40, RBS50 versiones < 2.6.1.40, RBK752 versiones < 3.2.16.6, RBR750 versiones < 3.2.16.6, RBS750 versiones < 3.2.16.6, RBK842 versiones < 3.2.16.6, RBR840 versiones < 3.2. 16.6, RBS840 versiones < 3.2.16.6, RBK852 versiones < 3.2.16.6, RBR850 versiones < 3.2.16.6, RBS850 versiones < 3.2.16.6, RBS40V versiones < 2.5.1.6, RBS40V-200 versiones < 1.0.0.46, RBS50Y versiones < 2.6.1.40, RBW30 versiones < 2.5. 0.4, RS400 versiones < 1.5.0.48, WN2500RPv2 versiones < 1.0.1.56, WN3000RPv3 versiones < 1.0.2.86, WN3500RPv1 versiones < 1.0.0.28, WNDR3400v3 versiones < 1.0.1.32, WNR1000v3 versiones < 1.0.2.78, WNR2000v2 versiones < 1.2.0.12, XR30", }, ], id: "CVE-2020-35800", lastModified: "2024-11-21T05:28:08.620", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 9.7, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 9.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.5, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.410", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062733/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Range-Extenders-and-Orbi-WiFi-Systems-PSV-2020-0112", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45576", lastModified: "2024-11-21T06:32:34.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.597", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064098/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064098/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0084", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de credenciales administrativas. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14431", lastModified: "2024-11-21T05:03:15.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.250", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061944/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0068", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26903", lastModified: "2024-11-21T05:20:27.257", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:15.807", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062351/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062351/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0043", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de información confidencial. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26899", lastModified: "2024-11-21T05:20:26.647", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:13.870", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062355/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0030", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F2A04BB9-E816-49B5-B539-4B36A5CFFA22", versionEndExcluding: "1.0.0.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F4BC21D-8354-4C71-BE68-9D1A14A9471F", versionEndExcluding: "1.0.0.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3DCFE88-1262-43BF-88BB-B26658EDEDF1", versionEndExcluding: "1.0.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8F3F88DD-CE38-45A8-990A-4770A480D1BF", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D989E9B-5626-4238-877A-FFB0FC1C6352", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE1AC249-D64C-4E61-A22A-1498712D2758", versionEndExcluding: "1.0.0.114", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*", matchCriteriaId: "0BE59214-C8A1-4337-A54C-E4E8C149B241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62EFA314-85C0-48CC-938E-E2BF42B16746", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "953A4436-6F98-494C-B184-354E577F8E59", versionEndExcluding: "1.0.0.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF7B1DD1-E197-461C-9537-C6D1DF2F6D7D", versionEndExcluding: "1.0.0.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3920_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33BDAF99-3E64-427E-ACAF-AEFB75401C72", versionEndExcluding: "1.0.0.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3920:-:*:*:*:*:*:*:*", matchCriteriaId: "E576341B-2426-4F4D-8DF4-0A6D462656A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EDB99B74-2E41-4986-96BB-B728ED32405B", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*", matchCriteriaId: "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8491DCE-15CC-42F2-B253-68FEDF731DF5", versionEndExcluding: "1.0.2.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6100:-:*:*:*:*:*:*:*", matchCriteriaId: "AB84CD03-765C-4D4F-A176-364F8E72A4E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D1AA1E29-118C-4299-91FA-2C8584EC6F6C", versionEndExcluding: "1.0.0.54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B845CEBF-A8A2-474B-9094-43AA53560150", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "22C12B59-DF06-4133-9F30-24EB02CECB9C", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150:-:*:*:*:*:*:*:*", matchCriteriaId: "46452E97-9347-4788-9570-1EECECC7255E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CB304C9-D59C-4FAB-A034-1B2B7B41AA71", versionEndExcluding: "1.0.3.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*", matchCriteriaId: "3186CC67-B567-4A0C-BD2C-0433716FBD1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6920_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FF964D1-1FCE-467B-8B7F-8189CDF728D4", versionEndExcluding: "1.0.0.54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6920:-:*:*:*:*:*:*:*", matchCriteriaId: "65914D7F-39EA-489B-8DE7-8547AFC05F64", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A096742-1FFA-4C19-B697-EC5154411CF2", versionEndExcluding: "1.0.1.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B59B0C17-2714-48E8-8911-E72488CE32E3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D7658849-0743-487B-803F-D49680EDF185", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E18CCBB-46CD-423D-AA66-36F223EFD6E6", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07A1D7A9-29E9-4B1D-90DB-24E0967C9BC7", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2CE369F2-053B-4F67-B295-54EE41C6C4DA", versionEndExcluding: "1.0.4.42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BD8455EE-AFAD-445D-910B-E8D9F02E8B1B", versionEndExcluding: "1.0.4.42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7909744D-FE9B-49D1-ADB3-029CCC432A47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "478CE991-5E30-438D-94B0-0E15A29E27BD", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E32C097-6EDF-4C81-A375-028DB67B6231", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCCFD041-9413-4E37-8C4D-F50D1B10582B", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D625E4-17F4-44EF-9A51-DA0BAD4835F2", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", matchCriteriaId: "21B27F11-4262-4CE1-8107-B365A7C152F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DE3850-1661-43D1-9E52-31E2E01979EE", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1D59AC0-2859-46C0-B050-3BB8E3E9CB06", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", matchCriteriaId: "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D208F2CA-DB20-4C82-8FFF-B99EBFE29713", versionEndExcluding: "1.0.11.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8841DA90-D1B1-40EB-809D-14C014337AAB", versionEndExcluding: "1.0.0.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4171EB00-3664-43D5-9B62-A3538C358142", versionEndExcluding: "1.0.5.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9800CB2-C14A-406B-B1FF-B1B62862EBDB", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44537647-E0B2-477D-98A5-7EA850BF3321", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA8D0327-0A72-44EC-9CC2-6CAF6A0C08B2", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F030129E-95C6-4C31-92A6-DABCDC1B534B", versionEndExcluding: "1.0.4.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B377E02-0228-4A2F-90F3-A82E7E964B37", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F6324787-AE71-423A-B853-8B22CA3A5294", versionEndExcluding: "1.0.2.134", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72C4B203-565A-43BC-9800-274060CE23F2", versionEndExcluding: "1.0.2.134", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33505A97-35DB-4EFD-9D47-EA03057C8FFD", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49D5D1E8-637A-4970-8753-6A3FCA8FAC64", versionEndExcluding: "1.0.2.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rx45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "867CC271-D1F9-4289-9859-7FE084C2BB5C", versionEndExcluding: "1.0.2.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rx45:-:*:*:*:*:*:*:*", matchCriteriaId: "20AD88BE-1321-4029-8C31-E558DCBDE9E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "41D61A7C-BF7E-4A84-A08B-C9FF449AF952", versionEndExcluding: "1.0.2.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C6DF5F-FEFB-4A30-87CC-379E726AE181", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "451C5603-927A-4EB9-BF9D-150FE16A48F8", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B22B149-BD16-42A0-BB1D-DEF483F6B5E1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCFCED24-A687-4C5E-BE2E-60C2189254CF", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v-200:-:*:*:*:*:*:*:*", matchCriteriaId: "935C7519-678D-4C40-BD35-3F281890C7C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "993FD563-493C-460C-B379-E02A90295434", versionEndExcluding: "2.5.0.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "921A8CFC-D86E-4674-998E-31F4F956B5DC", versionEndExcluding: "1.5.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn2500rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9FCAF1C-DB77-402B-98D2-8C3FE7DBA8FF", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn2500rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "65FACC9E-3E0E-4416-9280-706F4FCE436A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3500rp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D0EEFD6D-A6DC-4F91-9A6A-4F96712ED151", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3500rp:-:*:*:*:*:*:*:*", matchCriteriaId: "A98880D5-40DF-41A2-9924-9CACF78701EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6803A2E5-5BCE-4DE6-A0EB-3463C81FAD0C", versionEndExcluding: "1.0.1.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*", matchCriteriaId: "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr1000v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5464DA45-2B33-430F-A16E-B1FE072B1376", versionEndExcluding: "1.0.2.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr1000v3:-:*:*:*:*:*:*:*", matchCriteriaId: "252E5C7B-EF02-4374-A43E-02FAA9E697D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01374C4A-4D12-4E77-AF7C-459C32C3579B", versionEndExcluding: "1.2.0.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "31247E55-E754-46D0-9A46-B0D319C21221", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F667392E-F63E-4186-9BA3-7F9A4AA3EC67", versionEndExcluding: "1.2.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*", matchCriteriaId: "FC3F6D58-D900-41B4-8626-58928866208A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D71EDB94-370B-46C3-A14E-3F3FB130DD49", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX3920 before 1.0.0.84, EX6000 before 1.0.0.44, EX6100 before 1.0.2.28, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX6150 before 1.0.0.46, EX6200 before 1.0.3.94, EX6920 before 1.0.0.54, EX7000 before 1.0.1.90, EX7500 before 1.0.0.68, MK62 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, R6250 before 1.0.4.42, R6300v2 before 1.0.4.42, R6400 before 1.0.1.62, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6700 before 1.0.2.16, R6900P before 1.3.2.124, R6900 before 1.0.2.16, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7900P before 1.4.1.62, R7960P before 1.4.1.62, R8000 before 1.0.4.58, R8000P before 1.4.1.62, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.2.102, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBS40V-200 before 1.0.0.46, RBW30 before 2.5.0.4, RS400 before 1.5.0.48, WN2500RPv2 before 1.0.1.56, WN3500RP before 1.0.0.28, WNDR3400v3 before 1.0.1.32, WNR1000v3 before 1.0.2.78, WNR2000v2 before 1.2.0.12, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, D6220 versiones anteriores a 1.0.0.60, D6400 versiones anteriores a 1.0.0.94, D7000v2 versiones anteriores a 1.0.0.62, D8500 versiones anteriores a 1.0.3.50, DC112A versiones anteriores a 1.0.0.48, DGN2200v4 versiones anteriores a 1.0.0.114, EAX20 versiones anteriores a 1.0.0.36, EAX80 versiones anteriores a 1.0.1.62, EX3700 versiones anteriores a 1.0.0.84, EX3800 versiones anteriores a 1.0.0.84, EX3920 versiones anteriores a 1.0.0.84, EX6000 versiones anteriores a 1.0.0.44, EX6100 versiones anteriores a 1.0.2.28, EX6120 versiones anteriores a 1.0.0.54, EX6130 versiones anteriores a 1.0.0.36, EX6150 versiones anteriores a 1.0.0.46, EX6200 versiones anteriores a 1.0.3.94, EX6920 versiones anteriores a 1.0.0.54, EX7000 versiones anteriores a 1.0.1.90, EX7500 versiones anteriores a 1.0.0.68, MK62 versiones anteriores a 1.0.5.102, MR60 versiones anteriores a 1.0.5.102, MS60 versiones anteriores a 1.0.5.102, R6250 versiones anteriores a 1.0.4.42, R6300v2 versiones anteriores a 1.0.4.42, R6400 versiones anteriores a 1.0.1.62, R6400v2 versiones anteriores a 1.0.4.98, R6700v3 versiones anteriores a 1.0.4.98, R6700 versiones anteriores a 1.0.2.16, R6900P versiones anteriores a 1.3.2.124, R6900 versiones anteriores a 1.0.2.16, R7000 versiones anteriores a 1.0.11.106, R7000P versiones anteriores a 1.3.2.124, R7100LG versiones anteriores a 1.0.0.56, R7850 versiones anteriores a 1.0.5.60, R7900 versiones anteriores a 1.0.4.26, R7900P versiones anteriores a 1.4. 1.62, R7960P versiones anteriores a 1.4.1.62, R8000 versiones anteriores a 1.0.4.58, R8000P versiones anteriores a 1.4.1.62, R8300 versiones anteriores a 1.0.2.134, R8500 versiones anteriores a 1.0.2.134, RAX15 versiones anteriores a 1.0.1.64, RAX20 versiones anteriores a 1.0.1.64, RAX200 versiones anteriores a 1.0.2.102, RAX45 versiones anteriores a 1.0.2.32, RAX50 versiones anteriores a 1.0.2.32, RAX75 versiones anteriores a 1.0.3.102, RAX80 versiones anteriores a 1.0.3.102, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK842 versiones anteriores a 3.2.16.6, RBR840 versiones anteriores a 3.2.16.6, RBS840 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBS40V-200 versiones anteriores a 1.0.0.46, RBW30 versiones anteriores a 2.5.0.4, RS400 versiones anteriores a 1.5.0.48, WN2500RPv2 versiones anteriores a 1.0 .1.56, WN3500RP versiones anteriores a 1.0.0.28, WNDR3400v3 versiones anteriores a 1.0.1.32, WNR1000v3 versiones anteriores a 1.0.2.78, WNR2000v2 versiones anteriores a 1.2.0.12, WNR3500Lv2 versiones anteriores a 1.2.0.62 y XR300 versiones anteriores a 1.0.3.50.", }, ], id: "CVE-2020-35796", lastModified: "2024-11-21T05:28:07.700", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.160", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062717/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2020-0201", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13C16392-F041-4A90-90C0-C291C0CD545E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C76041B8-E676-4E29-BE18-E1B9C4735D5C", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de información confidencial. Esto afecta a RBW30 versiones anteriores a 2.6.1.4, RBS40V versiones anteriores a 2.6.1.4, RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBK754 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores al 3.2.15.25, RBK853 versiones anteriores al 3.2.15.25, RBK854 versiones anteriores al 3.2.15.25, RBR850 versiones anteriores al 3.2.15.25 y RBS850 versiones anteriores al 3.2.15.25", }, ], id: "CVE-2021-29082", lastModified: "2024-11-21T06:00:40.660", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.3, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:14.390", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45631", lastModified: "2024-11-21T06:32:43.630", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.233", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064136/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0504", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064136/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0504", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45632", lastModified: "2024-11-21T06:32:43.787", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.277", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45579", lastModified: "2024-11-21T06:32:34.577", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.747", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064101/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0087", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064101/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0087", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA086E1-DB23-4130-B746-D56F5A188C3B", versionEndExcluding: "2.6.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1723D5F-FFDB-4E4D-80B7-4B28598D5895", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D041B9F-37E4-48A9-9841-85EFFF7FA1D1", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E6FDC1-BB17-454A-9B3A-5FB1F705C56B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBW30 versiones anteriores a 2.6.2.2, RBS40V versiones anteriores a 2.6.2.4, RBK852 versiones anteriores a 3.2.17.12, RBK853 versiones anteriores a 3.2.17.12, RBK854 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3. 2.17.12, RBK752 versiones anteriores a 3.2.17.12, RBK753 versiones anteriores a 3.2.17.12, RBK753S versiones anteriores a 3.2.17.12, RBK754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29077", lastModified: "2024-11-21T06:00:39.877", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:14.013", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063016/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0486", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45563", lastModified: "2024-11-21T06:32:31.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.993", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064084/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0066", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064084/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0066", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45509", lastModified: "2024-11-21T06:32:22.730", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.333", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45559", lastModified: "2024-11-21T06:32:31.163", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.803", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064079/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0055", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064079/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0055", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42805332-33C3-49EB-9A55-952FA3E76A0B", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1344C924-0296-4F49-BF9F-113BB643CDD5", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F747A14B-5331-428E-8B53-724090554E07", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B717BA8-81B7-470C-BF20-A4318D063D77", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20A423A5-04E9-4323-9818-6C9B78065103", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "101031E9-479E-4F86-B83A-19376F8C8A45", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93EF1D39-E084-40E9-86CF-C590763841A0", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7932C371-669C-43C0-94A4-17BD4BDE8C74", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "850D0AE9-A57C-47D3-9D44-7EE24E6F594D", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65F881E3-22B3-40D9-A896-51B13FD09EAA", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED73C5EC-C8D3-4206-BCAA-0901F786DD98", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3DD37BF-8664-412F-9A71-58880AF20242", versionEndIncluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R8000P before 1.4.1.66, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, EAX20 versiones anteriores a 1.0.0.48, EAX80 versiones anteriores a 1.0.1.64, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, R7960P versiones anteriores a 1. 4.1.66, RAX200 versiones anteriores a 1.0.3.106, RBS40V versiones anteriores a 2.6.1.4, RBW30 versiones anteriores a 2.6.1.4, EX3700 versiones anteriores a 1.0.0.90, MR60 versiones anteriores a 1.0.6.110, R8000P versiones anteriores a 1.4.1.66, RAX20 versiones anteriores a 1.0.2. 82, RAX45 versiones anteriores a 1.0.2.72, RAX80 versiones anteriores a 1.0.3.106, EX3800 versiones anteriores a 1.0.0.90, MS60 versiones anteriores a 1.0.6.110, R7900P versiones anteriores a 1.4.1.66, RAX15 versiones anteriores a 1.0.2.82, RAX50 versiones anteriores a 1.0.2. 72, RAX75 versiones anteriores a 1.0.3.106, RBR750 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6 y RBK852 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45667", lastModified: "2024-11-21T06:32:49.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.3, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:20.870", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45634", lastModified: "2024-11-21T06:32:44.103", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.367", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064139/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064139/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0515", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-29 21:15
Modified
2024-11-21 05:57
Severity ?
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADF65DC4-51D5-4C38-B28D-7EA93B1734A3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "888A8E0F-93DD-436D-B00C-F469C3BD6E5B", versionEndExcluding: "1.0.0.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08668CFE-EE8B-4EE9-8B9D-FFCB45EE27D2", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000:v2:*:*:*:*:*:*:*", matchCriteriaId: "D8780623-F362-4FA5-8B33-37E9CB3FEE12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "160F53B0-8430-4D85-8ABC-0A64B27DDFBD", versionEndExcluding: "1.0.3.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9A59578F-1A3F-428B-A995-572C8E93C15C", versionEndExcluding: "1.0.0.54", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5E273CF7-2DB6-4641-8753-810949D631B0", versionEndExcluding: "1.0.1.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "049629DD-9E4F-4F47-98B0-C9FD457B74A0", versionEndExcluding: "1.0.4.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "685E2CA4-AA89-4574-8DB1-7C06D9F0FF2D", versionEndExcluding: "1.0.4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*", matchCriteriaId: "10938043-F7DF-42C3-8C16-F92CAF8E5576", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "930E739E-EFDC-49AB-9155-A71C2B25FCD6", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E02F15FF-76B1-43DD-85E0-A34E764E638D", versionEndExcluding: "1.0.4.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", matchCriteriaId: "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "357EDE1B-75BA-4515-B0E9-2B70EF993244", versionEndExcluding: "1.0.4.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*", matchCriteriaId: "5A09A9E8-8C77-4EDB-9483-B3C540EF083A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "839A9EBE-5F14-4695-8040-7D5607F8E248", versionEndExcluding: "1.3.2.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9F1DAD0-F8B8-48D5-B571-C55636B274C3", versionEndExcluding: "1.0.11.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EAF3EA40-79FB-4D2C-A8AF-A04820745C4D", versionEndExcluding: "1.3.2.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1AC36017-5BCF-4CF6-91D0-278279943847", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50", versionEndExcluding: "1.0.5.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DAB3F350-9094-4B64-8ED9-517069EB56F4", versionEndExcluding: "1.4.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0ECEE38A-B0BB-43F8-AB4D-26572B789BFB", versionEndExcluding: "1.4.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DF6302-36B7-49CF-8F2C-4C2247112EB9", versionEndExcluding: "1.4.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "60634A15-B02A-4C33-A1A4-F6340CFD6B8B", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8E565CF-8408-4502-97BD-01CEF15D0744", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "609B0EC8-FCD3-4522-A06A-7CB521586A22", versionEndExcluding: "1.0.2.88", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA086E1-DB23-4130-B746-D56F5A188C3B", versionEndExcluding: "2.6.2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8509E165-B497-4483-95E6-7BEB2AB40946", versionEndIncluding: "1.5.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "065AE552-7268-45C5-92CA-B56602C9313D", versionEndExcluding: "1.0.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*", matchCriteriaId: "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FCE2862-B111-45A9-85D9-8BABEFE4F856", versionEndExcluding: "1.2.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*", matchCriteriaId: "C8DE4BFA-41DE-4748-ACC7-14362333A059", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AF96D62-1D28-4FE5-AFC3-FB93A1BB4D45", versionEndExcluding: "1.0.3.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. A crafted MX header field in an SSDP message can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11851.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar código arbitrario en las instalaciones afectadas de los enrutadores NETGEAR R6400 y R6700 versión de firmware 1.0.4.98. No es requerida una autenticación para explotar esta vulnerabilidad. El fallo específico se presenta dentro del servicio upnpd, que escucha en el puerto UDP 1900 por defecto. Un campo de encabezado MX diseñado en un mensaje SSDP puede desencadenar un desbordamiento de un búfer en la región stack de la memoria de longitud corregida. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root. Era ZDI-CAN-11851", }, ], id: "CVE-2021-27239", lastModified: "2024-11-21T05:57:39.813", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-29T21:15:12.377", references: [ { source: "zdi-disclosures@trendmicro.com", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432", }, { source: "zdi-disclosures@trendmicro.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-206/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062820/Security-Advisory-for-Stack-based-Buffer-Overflow-Remote-Code-Execution-Vulnerability-on-Some-Routers-PSV-2020-0432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-206/", }, ], sourceIdentifier: "zdi-disclosures@trendmicro.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "zdi-disclosures@trendmicro.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45583", lastModified: "2024-11-21T06:32:35.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.933", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064105/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0091", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064105/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0091", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbs840v_firmware | * | |
| netgear | rbs840v | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7001C735-233D-49D6-8289-38E5CCE6E8BA", versionEndExcluding: "2.5.0.14", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C6DF5F-FEFB-4A30-87CC-379E726AE181", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "451C5603-927A-4EB9-BF9D-150FE16A48F8", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B22B149-BD16-42A0-BB1D-DEF483F6B5E1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B3C62A0E-8B8F-49BE-B953-E6C0D293ED55", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840v:-:*:*:*:*:*:*:*", matchCriteriaId: "2C720141-11EF-4BBC-B74D-986BC36518B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.14, RBW30 before 2.6.1.4, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBK842 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, and RBS40V before 2.6.1.4.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de información confidencial. Esto afecta a CBR40 versiones anteriores a 2.5.0.14, RBW30 versiones anteriores a 2.6.1.4, RAX75 versiones anteriores a 1.0.3.102, RAX80 versiones anteriores a 1.0.3.102, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK842 versiones anteriores a 3.2.16.6, RBR840 versiones anteriores a 3.2.16.6, RBS840 versiones anteriores a 3.2.16.6 y RBS40V versiones anteriores a 2.6.1.4.", }, ], id: "CVE-2020-35802", lastModified: "2024-11-21T05:28:09.167", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.517", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062720/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-WiFi-Systems-PSV-2020-0331", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45575", lastModified: "2024-11-21T06:32:33.893", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.553", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064097/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064097/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0083", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45558", lastModified: "2024-11-21T06:32:30.990", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.757", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064078/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0053", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064078/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0053", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6.", }, ], id: "CVE-2021-45584", lastModified: "2024-11-21T06:32:35.447", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.977", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064106/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0092", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064106/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0092", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14442", lastModified: "2024-11-21T05:03:17.260", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:13.327", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061947/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0103", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45630", lastModified: "2024-11-21T06:32:43.477", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.187", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26904", lastModified: "2024-11-21T05:20:27.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:16.107", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062350/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062350/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0046", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12 y RBR850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45508", lastModified: "2024-11-21T06:32:22.573", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.280", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064133/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0490", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064133/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0490", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45580", lastModified: "2024-11-21T06:32:34.743", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.793", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064102/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064102/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0088", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45582", lastModified: "2024-11-21T06:32:35.073", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.890", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064104/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0090", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064104/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0090", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-30 00:15
Modified
2024-11-21 05:28
Severity ?
9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2DC48DC1-23F3-4924-AC51-A046FDD68169", versionEndExcluding: "1.0.4.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8E9DCA2-ED8E-446A-ABE7-8CB6C851FE9A", versionEndExcluding: "1.0.4.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DE3850-1661-43D1-9E52-31E2E01979EE", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21A17053-15C7-4B22-AC52-549530A908F3", versionEndExcluding: "1.0.11.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C393DBF4-8281-4611-B591-CDB9DF0AA958", versionEndExcluding: "1.0.2.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4171EB00-3664-43D5-9B62-A3538C358142", versionEndExcluding: "1.0.5.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9800CB2-C14A-406B-B1FF-B1B62862EBDB", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B5218F1-2A51-4B1E-A57F-534B74A8FEE2", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D444B09-82DA-4225-A292-B28232408A7B", versionEndExcluding: "1.0.4.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33505A97-35DB-4EFD-9D47-EA03057C8FFD", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0950BA50-E185-4091-99F7-D8837F9023F0", versionEndExcluding: "1.0.1.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9AA26738-7B2A-4774-868D-5CA005C4326D", versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFD74459-51B3-4F82-9B1B-72C41BAAD607", versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "921A8CFC-D86E-4674-998E-31F4F956B5DC", versionEndExcluding: "1.5.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D71EDB94-370B-46C3-A14E-3F3FB130DD49", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a R6400v2 versiones anteriores a 1.0.4.84, R6700v3 versiones anteriores a 1.0.4.84, R6900P versiones anteriores a 1.3.2.124, R7000 versiones anteriores a 1.0.11.100, R7000P versiones anteriores a 1.3.2.124, R7800 versiones anteriores a 1.0.2.74, R7850 versiones anteriores a 1.0.5.60, R7900 versiones anteriores a 1.0.4.26, R7960P versiones anteriores a 1.4.1.50, R8000 versiones anteriores a 1.0.4.52, R7900P versiones anteriores a 1.4.1.50, R8000P versiones anteriores a 1.4.1.50, RAX15 versiones anteriores a 1.0.1.64, RAX20 versiones anteriores a 1.0.1.64, RAX200 versiones anteriores a 1.0.1.12, RAX45 versiones anteriores a 1.0.2.66, RAX50 versiones anteriores a 1.0.2.66, RAX75 versiones anteriores a 1.0.3.102, RAX80 versiones anteriores a 1.0.3.102, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25, RBS850 versiones anteriores a 3.2. 15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RS400 versiones anteriores a 1.5.0.48 y XR300 versiones anteriores a 1.0.3.50.", }, ], id: "CVE-2020-35798", lastModified: "2024-11-21T05:28:08.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.267", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062715/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2019-0218", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | d7000v2_firmware | * | |
| netgear | d7000v2 | - | |
| netgear | lax20_firmware | * | |
| netgear | lax20 | - | |
| netgear | mk62_firmware | * | |
| netgear | mk62 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rax15_firmware | * | |
| netgear | rax15 | - | |
| netgear | rax20_firmware | * | |
| netgear | rax20 | - | |
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | rax45_firmware | * | |
| netgear | rax45 | - | |
| netgear | rax50_firmware | * | |
| netgear | rax50 | - | |
| netgear | rax43_firmware | * | |
| netgear | rax43 | - | |
| netgear | rax40v2_firmware | * | |
| netgear | rax40v2 | - | |
| netgear | rax35v2_firmware | * | |
| netgear | rax35v2 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | xr1000_firmware | * | |
| netgear | xr1000 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C2D1C234-22F1-4837-9D04-059170A97072", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a D7000v2 versiones anteriores a 1.0.0.74, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0.6. 116, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3. 96, RAX40v2 versiones anteriores a 1.0.3.96, RAX35v2 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3. 2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12 y XR1000 versiones anteriores a 1.0.0.58", }, ], id: "CVE-2021-45614", lastModified: "2024-11-21T06:32:40.533", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.427", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCDDC785-6FEC-4D94-86D1-8E55FB0CA6C1", versionEndExcluding: "3.2.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCA48F47-FC18-4953-BA90-1F4F3695A2BE", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC9EE9DE-DD58-46A9-87FB-D284EBE0ACC1", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3AE70236-D1C6-4B58-8385-1FA5F71916AF", versionEndExcluding: "1.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A65EE9FC-A015-4D92-8DA3-40C8594D843D", versionEndExcluding: "1.0.0.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED72FFCA-F5A8-480D-8A29-C14FFC490B33", versionEndExcluding: "1.0.0.94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F747A14B-5331-428E-8B53-724090554E07", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A2826A7E-990D-455A-8B16-CBCCC4633B97", versionEndExcluding: "1.0.1.104", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EB8CD19-4963-42A8-B9E6-63ED5EC35119", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E00ABB7-A3E9-4E41-82CB-3AADC276C3AC", versionEndExcluding: "1.0.4.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7909744D-FE9B-49D1-ADB3-029CCC432A47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA1BB56F-20B5-4A79-AE9D-429A011EAA4C", versionEndExcluding: "1.0.1.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A95F7AFD-13E8-49B7-BA80-D8BC61C254FE", versionEndExcluding: "1.0.4.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A33291E-18F7-452C-A5EF-7B3C2D087704", versionEndExcluding: "1.0.4.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94795476-184B-4E7D-9D8B-ECB45609108E", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E06EFF-9D71-43DB-A304-9A41998FD68A", versionEndExcluding: "1.0.11.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F445F83B-1CFC-41E9-9446-72E1FCE5A222", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8491F80C-E57A-4862-B969-F43799A47D06", versionEndExcluding: "1.0.5.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4195BC65-A849-4C3A-B726-E013CEB57F32", versionEndExcluding: "1.0.4.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A662FDCF-DC41-4DC9-B77E-BE1D636AC0B3", versionEndExcluding: "1.0.4.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68D7FF2D-210A-4B16-B871-394413F64F3A", versionEndExcluding: "1.0.2.154", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9B77E7-7439-48C6-989F-5E22CB4D3044", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45ADC486-2457-496D-B887-EAAB9833E160", versionEndExcluding: "1.0.2.154", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*", matchCriteriaId: "63500DE4-BDBD-4F86-AB99-7DB084D0B912", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3 before 1.0.4.106, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7100LG before 1.0.0.72, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, R8300 before 1.0.2.154, R8500 before 1.0.2.154, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 3.2.18.2, EAX20 versiones anteriores a 1.0.0.58, EAX80 versiones anteriores a 1.0.1.68, EX3700 versiones anteriores a 1.0.0.94, EX3800 versiones anteriores a 1.0.0. 94, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7000 versiones anteriores a 1.0.1.104, EX7500 versiones anteriores a 1.0.0.74, LAX20 versiones anteriores a 1.1.6.28, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0. 6.116, R6300v2 versiones anteriores a 1.0.4.52, R6400 versiones anteriores a 1.0.1.70, R6400v2 versiones anteriores a 1.0.4.106, R6700v3 versiones anteriores a 1.0.4.106, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1.0.11. 126, R7000P versiones anteriores a 1.3.3.140, R7100LG versiones anteriores a 1.0.0.72, R7850 versiones anteriores a 1.0.5.74, R7900 versiones anteriores a 1.0.4.46, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000 versiones anteriores a 1. 0.4.74, R8000P versiones anteriores a 1.4.2.84, R8300 versiones anteriores a 1.0.2.154, R8500 versiones anteriores a 1.0.2.154, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4. 120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4.120, RAX80 versiones anteriores a 1. 0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2. 17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80, XR1000 versiones anteriores a 1.0.0.58 y XR300 versiones anteriores a 1.0.3.68", }, ], id: "CVE-2021-45621", lastModified: "2024-11-21T06:32:41.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.757", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45629", lastModified: "2024-11-21T06:32:43.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.143", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064132/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0488", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064132/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0488", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-21 18:15
Modified
2024-11-21 07:16
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbs750_firmware | 4.6.8.5 | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:4.6.8.5:*:*:*:*:*:*:*", matchCriteriaId: "7CE366C8-EEC7-4725-AA02-C4ED5E204E01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.", }, ], id: "CVE-2022-38458", lastModified: "2024-11-21T07:16:31.003", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "talos-cna@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-21T18:15:12.267", references: [ { source: "talos-cna@cisco.com", url: "https://kb.netgear.com/000065428/Security-Advisory-for-Cleartext-Transmission-on-Some-Orbi-WiFi-Systems-PSV-2022-0189", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1598", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.netgear.com/000065428/Security-Advisory-for-Cleartext-Transmission-on-Some-Orbi-WiFi-Systems-PSV-2022-0189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1598", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1598", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-311", }, ], source: "talos-cna@cisco.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-319", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCDDC785-6FEC-4D94-86D1-8E55FB0CA6C1", versionEndExcluding: "3.2.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94795476-184B-4E7D-9D8B-ECB45609108E", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E06EFF-9D71-43DB-A304-9A41998FD68A", versionEndExcluding: "1.0.11.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50", versionEndExcluding: "1.0.5.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4195BC65-A849-4C3A-B726-E013CEB57F32", versionEndExcluding: "1.0.4.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR750 versiones anteriores a 3.2.18.2, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0.6.116, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1.0.11.126, R7000P versiones anteriores a 1. 3.3.140, R7850 versiones anteriores a 1.0.5.68, R7900 versiones anteriores a 1.0.4.46, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000 versiones anteriores a 1.0.4.68, R8000P versiones anteriores a 1.4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3. 96, RAX200 versiones anteriores a 1.0.4.120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4.120, RAX80 versiones anteriores a 1.0.4. 120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80 y XR1000 versiones anteriores a 1.0.0.58", }, ], id: "CVE-2021-45616", lastModified: "2024-11-21T06:32:40.943", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.520", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "003185A9-52A8-42BB-A898-CE9F020AC301", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28A22215-3A55-44B2-906D-10518A24F83C", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "894527F8-4315-4CF0-A3D5-EACC612E0318", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1C6098D-779F-4807-988F-90103E312896", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBK853 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, RBK842 before 3.2.10.11, RBR840 before 3.2.10.11, and RBS840 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de credenciales administrativas. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBK853 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11, RBS850 versiones anteriores a 3.2.10.11, RBK842 versiones anteriores a 3.2.10.11, RBR840 versiones anteriores a 3.2.10.11 y RBS840 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-14426", lastModified: "2024-11-21T05:03:14.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:11.813", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061931/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Wifi-Systems-PSV-2020-0033", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45564", lastModified: "2024-11-21T06:32:32.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.040", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064085/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0067", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064085/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0067", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1723D5F-FFDB-4E4D-80B7-4B28598D5895", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D041B9F-37E4-48A9-9841-85EFFF7FA1D1", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E6FDC1-BB17-454A-9B3A-5FB1F705C56B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un usuario autenticado. Esto afecta a RBW30 versiones anteriores a 2.6.2.2, RBK852 versiones anteriores a 3.2.17.12, RBK853 versiones anteriores a 3.2.17.12, RBK854 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17. 12, RBK752 versiones anteriores a 3.2.17.12, RBK753 versiones anteriores a 3.2.17.12, RBK753S versiones anteriores a 3.2.17.12, RBK754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29074", lastModified: "2024-11-21T06:00:39.400", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:13.797", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063011/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-WiFi-Routers-PSV-2020-0467", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45505", lastModified: "2024-11-21T06:32:22.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.133", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064129/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0477", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064129/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0477", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14437", lastModified: "2024-11-21T05:03:16.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.860", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061940/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0054", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | rax20_firmware | * | |
| netgear | rax20 | - | |
| netgear | rax45_firmware | * | |
| netgear | rax45 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rax15_firmware | * | |
| netgear | rax15 | - | |
| netgear | rax50_firmware | * | |
| netgear | rax50 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | eax80_firmware | * | |
| netgear | eax80 | - | |
| netgear | ex7500_firmware | * | |
| netgear | ex7500 | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93EF1D39-E084-40E9-86CF-C590763841A0", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7932C371-669C-43C0-94A4-17BD4BDE8C74", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED73C5EC-C8D3-4206-BCAA-0901F786DD98", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B99059-161F-42D4-8AD8-478ABB7DE4B6", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX80 before 1.0.1.62, EX7500 before 1.0.0.72, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.4.120, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.4.120, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.4.120, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, EAX80 versiones anteriores a 1.0.1.62, EX7500 versiones anteriores a 1.0.0.72, R7900 versiones anteriores a 1.0.4.38, R8000 versiones anteriores a 1.0.4. 68, RAX200 versiones anteriores a 1.0.4.120, RBS40V versiones anteriores a 2.6.1.4, RBW30 versiones anteriores a 2.6.1.4, MR60 versiones anteriores a 1.0.6.110, RAX20 versiones anteriores a 1.0.2.82, RAX45 versiones anteriores a 1.0.2. 72, RAX80 versiones anteriores a 1.0.4.120, MS60 versiones anteriores a 1.0.6.110, RAX15 versiones anteriores a 1.0.2.82, RAX50 versiones anteriores a 1.0.2.72, RAX75 versiones anteriores a 1.0.4.120, RBR750 versiones anteriores a 3. 2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6 y RBK852 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45671", lastModified: "2024-11-21T06:32:50.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.3, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:21.057", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | mk62_firmware | * | |
| netgear | mk62 | - | |
| netgear | mk63_firmware | * | |
| netgear | mk63 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C17F8372-6149-455C-B48F-4BE45DC92EC7", versionEndExcluding: "1.0.4.92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk63_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08087535-0C20-4FB8-9F73-CD4817343459", versionEndExcluding: "1.0.4.92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk63:-:*:*:*:*:*:*:*", matchCriteriaId: "3DFA7D26-4286-40B2-94CB-0D2A6E6FCF1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9584E85F-AD4C-46A2-A96A-0FE52E0B4FE9", versionEndExcluding: "1.0.4.92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63495F09-8D4B-4BAC-96C0-3A15D9019C14", versionEndExcluding: "1.0.4.92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 before 1.0.4.92, MK63 before 1.0.4.92, MR60 before 1.0.4.92, MS60 before 1.0.4.92, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBS750 before 3.2.15.25, RBR750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de credenciales administrativas. Esto afecta a MK62 versiones anteriores a 1.0.4.92, MK63 versiones anteriores a 1.0.4.92, MR60 versiones anteriores a 1.0.4.92, MS60 versiones anteriores a 1.0.4.92, RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14429", lastModified: "2024-11-21T05:03:14.980", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.077", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061938/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0050", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de credenciales administrativas. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14427", lastModified: "2024-11-21T05:03:14.637", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:11.920", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061935/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0042", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCA48F47-FC18-4953-BA90-1F4F3695A2BE", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC9EE9DE-DD58-46A9-87FB-D284EBE0ACC1", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EB8CD19-4963-42A8-B9E6-63ED5EC35119", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0095B9D4-E161-4050-B283-2166CB86CB24", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0702F9B6-2DAC-4308-8737-9F85AD28E847", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94795476-184B-4E7D-9D8B-ECB45609108E", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9F1DAD0-F8B8-48D5-B571-C55636B274C3", versionEndExcluding: "1.0.11.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50", versionEndExcluding: "1.0.5.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3AE70236-D1C6-4B58-8385-1FA5F71916AF", versionEndExcluding: "1.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA1BB56F-20B5-4A79-AE9D-429A011EAA4C", versionEndExcluding: "1.0.1.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, EAX20 versiones anteriores a 1.0.0.58, EAX80 versiones anteriores a 1.0.1.68, EX7500 versiones anteriores a 1.0.0.74, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0.6.116, R6400 versiones anteriores a 1.0.1. 70, R6400v2 versiones anteriores a 1.0.4.118, R6700v3 versiones anteriores a 1.0.4.118, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1.0.11.116, R7000P versiones anteriores a 1.3.3.140, R7850 versiones anteriores a 1.0.5.68, R7900 versiones anteriores a 1.0.4.38, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000 versiones anteriores a 1.0.4. 68, R8000P versiones anteriores a 1.4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4. 120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80, XR1000 versiones anteriores a 1.0.0.58 y XR300 versiones anteriores a 1.0.3.68", }, ], id: "CVE-2021-45622", lastModified: "2024-11-21T06:32:42.160", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.810", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45562", lastModified: "2024-11-21T06:32:31.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.940", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064082/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0060", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064082/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0060", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45568", lastModified: "2024-11-21T06:32:32.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.220", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064090/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0076", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064090/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0076", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11 y RBS850 versiones anteriores a 3.2.10.11", }, ], id: "CVE-2020-26897", lastModified: "2024-11-21T05:20:26.343", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:12.450", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062357/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0045", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45588", lastModified: "2024-11-21T06:32:36.107", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.163", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064110/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064110/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0096", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45572", lastModified: "2024-11-21T06:32:33.380", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.417", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064094/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064094/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0080", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-26910", lastModified: "2024-11-21T05:20:28.393", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:16.857", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062343/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062343/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0031", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E99E8C5-D88D-409C-8233-944E254D587F", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*", matchCriteriaId: "5A09A9E8-8C77-4EDB-9483-B3C540EF083A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B80222E-C65C-4AA5-9399-E2017D844117", versionEndExcluding: "1.0.4.98", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", matchCriteriaId: "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D208F2CA-DB20-4C82-8FFF-B99EBFE29713", versionEndExcluding: "1.0.11.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*", matchCriteriaId: "E5A29C8A-71C1-477F-9D17-CD2E74784BB8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61DE3850-1661-43D1-9E52-31E2E01979EE", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*", matchCriteriaId: "3524A509-D0CF-40EB-93FE-9538169CEF53", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", versionEndExcluding: "1.3.2.124", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*", matchCriteriaId: "8DC381A4-BDC7-4F40-AD68-F9EEE5370AC1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9800CB2-C14A-406B-B1FF-B1B62862EBDB", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:*:*:*:*:*:*:*:*", matchCriteriaId: "0F35362B-CF27-4C04-AD15-8579F1F6B949", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4171EB00-3664-43D5-9B62-A3538C358142", versionEndExcluding: "1.0.5.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:*:*:*:*:*:*:*:*", matchCriteriaId: "7780F243-8E08-4E1F-A819-24386B05F817", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F030129E-95C6-4C31-92A6-DABCDC1B534B", versionEndExcluding: "1.0.4.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:*:*:*:*:*:*:*:*", matchCriteriaId: "41BA56D3-4429-43DA-9988-A83CC92D323D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "921A8CFC-D86E-4674-998E-31F4F956B5DC", versionEndExcluding: "1.5.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:*:*:*:*:*:*:*:*", matchCriteriaId: "BE56058F-FE7A-43D3-A362-2043B74FAE81", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "478CE991-5E30-438D-94B0-0E15A29E27BD", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:*:*:*:*:*:*:*:*", matchCriteriaId: "09DF14C8-CE32-47AB-B087-D8D6C84C8F98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "19D625E4-17F4-44EF-9A51-DA0BAD4835F2", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:*:*:*:*:*:*:*:*", matchCriteriaId: "B0D05E55-6C70-419A-9A5D-D89AA8F19499", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B1D59AC0-2859-46C0-B050-3BB8E3E9CB06", versionEndExcluding: "1.0.2.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:*:*:*:*:*:*:*:*", matchCriteriaId: "E5B64473-5409-419B-967A-E4D7922D7010", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "99DA73AE-E82E-4886-9237-291B6B32BE9E", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk60:*:*:*:*:*:*:*:*", matchCriteriaId: "F2581D68-BF67-43E9-9465-A510DC80C236", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E18CCBB-46CD-423D-AA66-36F223EFD6E6", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*", matchCriteriaId: "D651DEF9-CC2F-4ADB-9FEE-5C43A8366A75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "07A1D7A9-29E9-4B1D-90DB-24E0967C9BC7", versionEndExcluding: "1.0.5.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*", matchCriteriaId: "7467498D-EEFE-4B57-8031-B9F99751D556", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:*:*:*:*:*:*:*:*", matchCriteriaId: "ACAD2041-9A20-444A-BB81-8764610D6F00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3B377E02-0228-4A2F-90F3-A82E7E964B37", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*", matchCriteriaId: "2982807D-D17B-49B8-B0D7-80662EDFC306", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA8D0327-0A72-44EC-9CC2-6CAF6A0C08B2", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*", matchCriteriaId: "5C64BD39-F245-47DB-981D-36613AD40BFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44537647-E0B2-477D-98A5-7EA850BF3321", versionEndExcluding: "1.4.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:*:*:*:*:*:*:*:*", matchCriteriaId: "67C27B00-2FD3-4AE9-90B7-AEFA2631C9E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:*:*:*:*:*:*:*:*", matchCriteriaId: "3DED03C1-00A1-49B3-BD19-DCCC489E7FE2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33505A97-35DB-4EFD-9D47-EA03057C8FFD", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*", matchCriteriaId: "B881D3AF-6D5B-4AC9-BB36-E673D88BDC54", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:*:*:*:*:*:*:*:*", matchCriteriaId: "DCF91BA6-DF2A-4121-9246-83C6DAA89C11", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", versionEndExcluding: "1.0.3.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:*:*:*:*:*:*:*:*", matchCriteriaId: "E4EAEF0F-DCED-4ECC-B8DF-4E91AA030D8E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49D5D1E8-637A-4970-8753-6A3FCA8FAC64", versionEndExcluding: "1.0.2.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:*:*:*:*:*:*:*:*", matchCriteriaId: "497D21B1-4F55-408F-8D05-18B2B9F55291", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5A3B894E-E712-477A-9960-30AFAB2C35CF", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*", matchCriteriaId: "80FD45DF-A29E-46C7-99DC-09EE74F5A276", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A71AE85C-74C4-42C1-BF54-89B6EC38C707", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*", matchCriteriaId: "12DA6A42-4064-4884-9D8C-7273CA8F0498", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B59B0C17-2714-48E8-8911-E72488CE32E3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:*:*:*:*:*:*:*:*", matchCriteriaId: "111905EF-0E9E-4321-837F-D7E7C146E9FF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", versionEndExcluding: "1.0.1.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:*:*:*:*:*:*:*:*", matchCriteriaId: "06EC4DE7-7424-4D7C-9979-88C58CBB0978", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "62EFA314-85C0-48CC-938E-E2BF42B16746", versionEndExcluding: "1.0.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:*:*:*:*:*:*:*:*", matchCriteriaId: "24022452-B0A3-4101-875A-46D0B5E60D48", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:*:*:*:*:*:*:*:*", matchCriteriaId: "31427F8E-7D14-4DE1-AF03-7487073040B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E391711-0D34-4CBB-9022-BF809C435616", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:*:*:*:*:*:*:*:*", matchCriteriaId: "57204B6D-6D87-4616-91ED-446894C24A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C348EA7B-1226-4745-9961-A5B253BE8235", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:*:*:*:*:*:*:*:*", matchCriteriaId: "DFFAC263-BF84-404C-9A4F-BF9D1D4134E5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85D95CCB-7E4A-4CA5-A503-FB79DBC08DDE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:*:*:*:*:*:*:*:*", matchCriteriaId: "2731D467-A9C2-4801-9D41-BBECF0F4C585", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*", matchCriteriaId: "C6CB2B42-ADFE-42A7-8A9D-B5C2ED6F2E7F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*", matchCriteriaId: "EB5309A5-3F84-46F4-BB50-754E9C52FA88", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:*:*:*:*:*:*:*:*", matchCriteriaId: "4B06308A-9862-4B1E-A100-B9A8B47311B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02781FF1-A884-44D3-8364-FF8371D47FCA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:*:*:*:*:*:*:*:*", matchCriteriaId: "530F895F-0061-441F-A2BD-CC51A8C13BE5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FAA417FF-DB33-477B-9D73-003CE56C5D78", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:*:*:*:*:*:*:*:*", matchCriteriaId: "B9217A7B-0410-4E57-BD91-8E20237FB52B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*", matchCriteriaId: "A77C093D-AF25-4757-880C-698A7902D507", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*", matchCriteriaId: "7A92FEE8-77A2-49DE-BCF7-9416F64E5F28", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F5C6DF5F-FEFB-4A30-87CC-379E726AE181", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:*:*:*:*:*:*:*:*", matchCriteriaId: "1AC8A705-F376-4B1F-B5AD-024CE43EB997", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "451C5603-927A-4EB9-BF9D-150FE16A48F8", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*", matchCriteriaId: "057CD043-7ACD-4284-9CC0-171F437B1501", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B22B149-BD16-42A0-BB1D-DEF483F6B5E1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*", matchCriteriaId: "0D633C05-5C85-490D-8692-BBA04C36F450", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F898DC9-9250-47DF-844C-F7308365135B", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6120:*:*:*:*:*:*:*:*", matchCriteriaId: "C1B44D10-8A75-4643-8937-9157C7C1014D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0754CB8B-A9D4-4444-8426-E1DDBBD2A9D1", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:*:*:*:*:*:*:*:*", matchCriteriaId: "D00B9746-B4B1-4473-8417-BF1B10831B50", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D35F61B-5E8F-483B-9F31-A312AB8C717F", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:*:*:*:*:*:*:*:*", matchCriteriaId: "D8C14B49-D069-41E3-94C3-A49E06022D60", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23D4F7E6-C042-434E-87B8-55DB18B08B0A", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6260:*:*:*:*:*:*:*:*", matchCriteriaId: "0E2353F3-A93F-4477-9E2E-4E23EAA5F51C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3408536D-FC77-48C5-AD15-C5A170D7417C", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6850:*:*:*:*:*:*:*:*", matchCriteriaId: "D4F77BFF-3640-4906-ABCF-E3C6945050E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F105F6F-ECD3-411D-924E-94BCF036C1EA", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6350:*:*:*:*:*:*:*:*", matchCriteriaId: "5B54BEAD-CF85-48AB-87EE-F09FAAF1F3D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6524B85E-23AC-4983-8331-96E12899B773", versionEndExcluding: "1.1.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6330:*:*:*:*:*:*:*:*", matchCriteriaId: "D552EC52-5DB8-45BF-BD1B-0554FCEBCD24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACEAC1F2-EEAE-4880-B6C0-FFAAA29685F1", versionEndExcluding: "1.0.1.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:*:*:*:*:*:*:*:*", matchCriteriaId: "0C82317F-0843-4B4F-9FE0-8A44BA651D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E3BFCB-BFF8-4722-BE48-5FA93CACD3AD", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:*:*:*:*:*:*:*:*", matchCriteriaId: "4660355E-74B6-40E5-86E0-3BA55589C557", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "39D6318D-F5A2-4469-B508-075F2825F0FA", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:*:*:*:*:*:*:*:*", matchCriteriaId: "0D9688E5-D944-437C-81AC-03CA64087DC3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1F44708A-C946-4E0F-9D6C-A91AFB4C9EF3", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:*:*:*:*:*:*:*:*", matchCriteriaId: "00C4E1D7-94CB-4A0B-9E74-89880CBFF11C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AAC56D3D-B697-4C9D-ADBB-A45845A3B5D4", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:*:*:*:*:*:*:*:*", matchCriteriaId: "AADEEDB6-C8F5-41D3-93C8-AB94605554C9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E21623E-9977-486F-93B1-858FC407E9D1", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:*:*:*:*:*:*:*:*", matchCriteriaId: "5428D4B4-DEEC-4A14-BF24-EB480A614FA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A32769CF-7D0A-4A3F-AF20-6202CA0C6870", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:*:*:*:*:*:*:*:*", matchCriteriaId: "772CF322-9944-4243-BFBB-8F133AE5A373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "675E9C59-D39B-47B0-ABEC-32D548650AB7", versionEndExcluding: "2.6.1.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk23:*:*:*:*:*:*:*:*", matchCriteriaId: "752FA3EA-C87D-4402-ACFF-11E1DE15501B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C1612C65-9BA0-4CAF-93B3-D528287B0790", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:*:*:*:*:*:*:*:*", matchCriteriaId: "BE1E01AE-DE82-4F20-BCFB-E5A48CCE28AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04F03BE5-1440-4BC4-B902-97E702ED0ADF", versionEndExcluding: "2.6.1.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:*:*:*:*:*:*:*:*", matchCriteriaId: "B12E8664-5D49-4377-A8C4-175F15E94083", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9EC30751-F447-45A7-8C57-B73042869EA5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk12:*:*:*:*:*:*:*:*", matchCriteriaId: "D26AB2BC-061D-4142-9E37-A22368398876", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2E7758BF-0AE4-46DB-A014-734F68AEEAA0", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk13:*:*:*:*:*:*:*:*", matchCriteriaId: "52BB59CE-7024-4F7C-B49B-C2444FAA923E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7CD38DB-B4A3-460E-8F89-E85A0E0F5BD3", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk14:*:*:*:*:*:*:*:*", matchCriteriaId: "C0CD88D0-E4F4-4695-A2BE-44758F6CA4C4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3E25990D-C38A-44E7-A301-AB9E80A9D5CA", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk15:*:*:*:*:*:*:*:*", matchCriteriaId: "87232E4A-7821-4A7A-8D31-67C91DCCA5B2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8246B8D3-8455-43B1-B0FA-F677B8FF84F5", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr10:*:*:*:*:*:*:*:*", matchCriteriaId: "69E984D9-C35E-4925-A3C3-695BCEF56C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28DA498C-B466-422E-BAD2-A1F9A15B157F", versionEndExcluding: "2.6.1.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs10:*:*:*:*:*:*:*:*", matchCriteriaId: "B0242C44-637E-4984-B830-9148E265E74B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8956A99-1071-42A7-8984-D7134E755CBF", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6800:*:*:*:*:*:*:*:*", matchCriteriaId: "6F3127F5-9624-4002-B8F8-D76A01676ADA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A660042D-27F6-4110-AB03-BCAFAC194557", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*", matchCriteriaId: "2E8EB69B-6619-47B6-A073-D0B840D4EB0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AFA2C5B9-92C2-4E70-B166-87AD9973F80E", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*", matchCriteriaId: "9F9706E6-CA53-43E4-91B0-D52655C86860", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "02279B20-D951-46CE-B339-452BC585A4F3", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7200:*:*:*:*:*:*:*:*", matchCriteriaId: "E330A8C5-1D91-4743-A35C-430CB5EAA0A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B452611A-43C5-401B-95BD-189020B5C65C", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7350:*:*:*:*:*:*:*:*", matchCriteriaId: "F27FB281-6C22-45E6-A3A1-DE90C3F2B608", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "237C68C0-C2A9-4F71-9E08-547F2A317CBC", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7400:*:*:*:*:*:*:*:*", matchCriteriaId: "CE8F6B4F-5995-40A4-89B4-325BACA086A2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "63697E3A-AAA3-42E7-8116-93C6548D3AB7", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7450:*:*:*:*:*:*:*:*", matchCriteriaId: "EB5E5161-10A9-41A9-9FC4-9A5F6B4536AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C1280B1-A2DF-4CAB-AB19-6B463206AA3D", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2100:*:*:*:*:*:*:*:*", matchCriteriaId: "DDFA0025-8657-4A20-A282-D1034D8BBEF3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76C658A4-BF82-40CE-A5E1-C9F3DA1A9B0B", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2400:*:*:*:*:*:*:*:*", matchCriteriaId: "710011A1-F633-4B5D-9C09-04E518C71DE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A3A6655-B468-46FB-84D7-2294D4243C91", versionEndExcluding: "1.2.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ac2600:*:*:*:*:*:*:*:*", matchCriteriaId: "474A7CEB-7133-40FA-8FC5-BC85D712DABF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C393DBF4-8281-4611-B591-CDB9DF0AA958", versionEndExcluding: "1.0.2.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:*:*:*:*:*:*:*:*", matchCriteriaId: "01CF301B-9DF5-4960-BD62-06E56EDF1031", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57314D03-64B1-4973-9D36-5D22A71DBCBB", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:*:*:*:*:*:*:*:*", matchCriteriaId: "0CD4841B-0F5C-4B7B-9764-F37605BF7AD9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DCE56F2-5A45-4B31-99EF-1D8455C71E5C", versionEndExcluding: "1.0.5.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:*:*:*:*:*:*:*:*", matchCriteriaId: "E4AAEB70-4F97-4044-B897-86020787DE01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B697A877-214C-4701-AA9B-FE9C23FDBCEB", versionEndExcluding: "1.0.1.136", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:*:*:*:*:*:*:*:*", matchCriteriaId: "B302272A-8BCE-47B7-B7DB-026B22A39367", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "051E8D2A-0EB0-43A7-9AAA-8519B8CC7FE0", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:*:*:*:*:*:*:*:*", matchCriteriaId: "EA83AEEB-FBEB-40A9-9F61-814596C00922", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BCFB551-95C6-4EEF-83F0-4246F67E6668", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:*:*:*:*:*:*:*:*", matchCriteriaId: "7F284951-6DAA-4AA4-A189-44CDB44878A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89AB672D-DD24-483E-B69D-7E46AF199483", versionEndExcluding: "1.0.1.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr700:*:*:*:*:*:*:*:*", matchCriteriaId: "1AF919EF-8893-4E1A-A854-3FB932682504", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D71EDB94-370B-46C3-A14E-3F3FB130DD49", versionEndExcluding: "1.0.3.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:*:*:*:*:*:*:*:*", matchCriteriaId: "AED2DE10-EC70-4A50-9C17-2C02569BD149", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer por parte de un usuario autenticado. Esto afecta al R6700v3 versiones anteriores a 1.0.4.98, al R6400v2 versiones anteriores a 1.0.4.98, al R7000 versiones anteriores a 1.0.11.106, al R6900P versiones anteriores a 1.3.2.124, al R7000P versiones anteriores a 1.3.2.124, al R7900 versiones anteriores a 1.0.4.26, al R7850 versiones anteriores a 1.0.5.60, al R8000 versiones anteriores a 1.0.4.58, al RS400 versiones anteriores a 1.5.0.48, al R6400 versiones anteriores a 1.0.1. 62, R6700 versiones anteriores a 1.0.2.16, R6900 versiones anteriores a 1.0.2.16, MK60 versiones anteriores a 1.0.5.102, MR60 versiones anteriores a 1.0.5.102, MS60 versiones anteriores a 1.0.5.102, CBR40 versiones anteriores a 2.5.0.10, R8000P versiones anteriores a 1.4.1.62, R7960P versiones anteriores a 1.4.1.62, R7900P versiones anteriores a 1.4.1.62, RAX15 versiones anteriores a 1.0.1.64, RAX20 versiones anteriores a 1. 0.1.64, RAX75 versiones anteriores a 1.0.3.102, RAX80 versiones anteriores a 1.0.3.102, RAX200 versiones anteriores a 1.0.2.102, RAX45 versiones anteriores a 1.0.2.64, RAX50 versiones anteriores a 1.0.2.64, EX7500 versiones anteriores a 1.0.0.68, EAX80 versiones anteriores a 1.0.1.62, EAX20 versiones anteriores a 1.0.0.36, RBK752 versiones anteriores a 3.2.16.6, RBK753 versiones anteriores a 3.2.16. 6, RBK753S versiones anteriores a 3.2.16.6, RBK754 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16. 6, RBK853 versiones anteriores a 3.2.16.6, RBK854 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBR840 versiones anteriores a 3.2.16. 6, RBS840 versiones anteriores a 3.2.16.6, R6120 versiones anteriores a 1.0.0.70, R6220 versiones anteriores a 1.1.0.100, R6230 versiones anteriores a 1.1.0.100, R6260 versiones anteriores a 1.1.0.76, R6850 versiones anteriores a 1.1.0.76, R6350 versiones anteriores a 1.1.0.76, R6330 versiones anteriores a 1.1.0.76, D7800 versiones anteriores a 1.0.1.58, RBK50 versiones anteriores a 2.6.1.40, RBR50 versiones anteriores a 2. 6.1.40, RBS50 versiones anteriores a 2.6.1.40, RBK40 versiones anteriores a 2.6.1.36, RBR40 versiones anteriores a 2.6.1.36, RBS40 versiones anteriores a 2.6.1.38, RBK23 versiones anteriores a 2.6.1.36, RBR20 versiones anteriores a 2.6.1.38, RBS20 versiones anteriores a 2.6.1.38, RBK12 versiones anteriores a 2.6.1.44, RBK13 versiones anteriores a 2.6.1.44, RBK14 versiones anteriores a 2.6.1. 44, RBK15 versiones anteriores a 2.6.1.44, RBR10 versiones anteriores a 2.6.1.44, RBS10 versiones anteriores a 2.6.1.44, R6800 versiones anteriores a 1.2.0.72, R6900v2 versiones anteriores a 1.2.0. 72, R6700v2 versiones anteriores a 1.2.0.72, R7200 versiones anteriores a 1.2.0.72, R7350 versiones anteriores a 1.2.0.72, R7400 versiones anteriores a 1.2.0.72, R7450 versiones anteriores a 1.2.0.72, AC2100 versiones anteriores a 1. 2.0.72, AC2400 versiones anteriores a 1.2.0.72, AC2600 versiones anteriores a 1.2.0.72, R7800 versiones anteriores a 1.0.2.74, R8900 versiones anteriores a 1.0.5.24, R9000 versiones anteriores a 1.0.5.24, RAX120 versiones anteriores a 1.0.1.136, XR450 versiones anteriores a 2.3.2.66, XR500 versiones anteriores a 2.3.2.66, XR700 versiones anteriores a 1.0.1.34 y XR300 versiones anteriores a 1.0.3.50", }, ], id: "CVE-2021-29068", lastModified: "2024-11-21T06:00:38.353", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:13.297", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45581", lastModified: "2024-11-21T06:32:34.910", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.843", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064103/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0089", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064103/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0089", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FCA48F47-FC18-4953-BA90-1F4F3695A2BE", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AC9EE9DE-DD58-46A9-87FB-D284EBE0ACC1", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EB8CD19-4963-42A8-B9E6-63ED5EC35119", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0095B9D4-E161-4050-B283-2166CB86CB24", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0702F9B6-2DAC-4308-8737-9F85AD28E847", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94795476-184B-4E7D-9D8B-ECB45609108E", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A0E06EFF-9D71-43DB-A304-9A41998FD68A", versionEndExcluding: "1.0.11.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8491F80C-E57A-4862-B969-F43799A47D06", versionEndExcluding: "1.0.5.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4195BC65-A849-4C3A-B726-E013CEB57F32", versionEndExcluding: "1.0.4.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A662FDCF-DC41-4DC9-B77E-BE1D636AC0B3", versionEndExcluding: "1.0.4.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3AE70236-D1C6-4B58-8385-1FA5F71916AF", versionEndExcluding: "1.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, EAX20 versiones anteriores a 1.0.0.58, EAX80 versiones anteriores a 1.0.1.68, EX7500 versiones anteriores a 1.0.0.74, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0.6.116, R6400v2 versiones anteriores a 1.0. 4.118, R6700v3 versiones anteriores a 1.0.4.118, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1.0.11.126, R7000P versiones anteriores a 1.3.3.140, R7850 versiones anteriores a 1.0.5.74, R7900 versiones anteriores a 1.0.4.46, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000 versiones anteriores a 1.0.4.74, R8000P versiones anteriores a 1. 4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4.120, RAX80 versiones anteriores a 1. 0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80, XR1000 versiones anteriores a 1.0.0.58 y XR300 versiones anteriores a 1.0.3.68", }, ], id: "CVE-2021-45612", lastModified: "2024-11-21T06:32:40.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.337", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-11 00:15
Modified
2024-11-21 06:17
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | eax20_firmware | * | |
| netgear | eax20 | - | |
| netgear | mk62_firmware | * | |
| netgear | mk62 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "971A9859-C378-4DEC-9432-364930E662B7", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B05A46-1FD0-4F51-857C-DA4F838C1A87", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D842A92-6063-4CF5-B73B-2FD9FCE4225A", versionEndExcluding: "3.2.10.11", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42805332-33C3-49EB-9A55-952FA3E76A0B", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "525B767F-5A8A-4E6C-8585-BCBB05948B2D", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "78982D53-7AF1-4443-BE50-BF8F3FC9BF16", versionEndExcluding: "3.2.10.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A06599B3-A691-4496-8043-118F1E8AE304", versionEndExcluding: "3.2.10.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E2FF118-6526-4F4E-B98A-2DEEE1BC3548", versionEndExcluding: "3.2.10.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de la autenticación. Esto afecta a RBK852 versiones anteriores a 3.2.10.11, RBR850 versiones anteriores a 3.2.10.11, a RBS850 versiones anteriores a 3.2.10.11, CBR40 versiones anteriores a 2.5.0.10, EAX20 versiones anteriores a 1.0.0.48, MK62 versiones anteriores a 1. 0.6.110, MR60 versiones anteriores a 1.0.6.110, MS60 versiones anteriores a 1.0.6.110, RBK752 versiones anteriores a 3.2.10.10, RBR750 versiones anteriores a 3.2.10.10 y RBS750 versiones anteriores a 3.2.10.10", }, ], id: "CVE-2021-38513", lastModified: "2024-11-21T06:17:17.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-11T00:15:10.787", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RAX75 versiones anteriores a 1.0.3.106, RAX80 versiones anteriores a 1.0.3.106, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45536", lastModified: "2024-11-21T06:32:27.143", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:14.697", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064080/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064080/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0056", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
3.7 (Low) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | rax20_firmware | * | |
| netgear | rax20 | - | |
| netgear | rax45_firmware | * | |
| netgear | rax45 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rax15_firmware | * | |
| netgear | rax15 | - | |
| netgear | rax50_firmware | * | |
| netgear | rax50 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93EF1D39-E084-40E9-86CF-C590763841A0", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7932C371-669C-43C0-94A4-17BD4BDE8C74", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED73C5EC-C8D3-4206-BCAA-0901F786DD98", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B99059-161F-42D4-8AD8-478ABB7DE4B6", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a RAX200 versiones anteriores a 1.0.3.106, al MR60 versiones anteriores a 1.0.6.110, a RAX20 versiones anteriores a 1.0.2.82, a RAX45 versiones anteriores a 1.0.2.72, a RAX80 versiones anteriores a 1.0.3.106, al MS60 versiones anteriores a 1.0.6.110, a RAX15 versiones anteriores a 1.0.2.82, a RAX50 versiones anteriores a 1.0.2.72, a RBK752 versiones anteriores a 3.2.16.6 y a RBK852 versiones anteriores a 3.2.16.6. 0.2.72, RAX75 versiones anteriores a 1.0.3.106, RBR750 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6 y RBK852 versiones anteriores a 3.2.16.6.", }, ], id: "CVE-2021-45669", lastModified: "2024-11-21T06:32:50.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 2.7, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:20.960", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93EF1D39-E084-40E9-86CF-C590763841A0", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7932C371-669C-43C0-94A4-17BD4BDE8C74", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ED73C5EC-C8D3-4206-BCAA-0901F786DD98", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B99059-161F-42D4-8AD8-478ABB7DE4B6", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42805332-33C3-49EB-9A55-952FA3E76A0B", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1344C924-0296-4F49-BF9F-113BB643CDD5", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8", versionEndExcluding: "1.0.0.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F747A14B-5331-428E-8B53-724090554E07", versionEndExcluding: "1.0.0.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20A423A5-04E9-4323-9818-6C9B78065103", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "850D0AE9-A57C-47D3-9D44-7EE24E6F594D", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9F1DAD0-F8B8-48D5-B571-C55636B274C3", versionEndExcluding: "1.0.11.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "182AB5A2-5D07-4A5E-A863-4EE216D6F423", versionEndExcluding: "1.3.2.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44801589-B49E-4B00-84DD-EFE47526C70C", versionEndExcluding: "1.3.2.126", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800 before 1.0.0.90, MS60 before 1.0.6.110, R6900P before 1.3.2.126, RAX15 before 1.0.2.82, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un ataque de tipo XSS almacenado. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, EAX20 versiones anteriores a 1.0.0.48, EAX80 versiones anteriores a 1.0.1.64, EX6120 versiones anteriores a 1.0.0.64, EX6130 versiones anteriores a 1.0.0.44, EX7500 versiones anteriores a 1.0.0.72, R7000 versiones anteriores a 1.0.11 116, R7900 versiones anteriores a 1.0.4.38, R8000 versiones anteriores a 1.0.4.68, RAX200 versiones anteriores a 1.0.3.106, RBS40V versiones anteriores a 2.6.1.4, RBW30 versiones anteriores a 2.6.1.4, EX3700 versiones anteriores a 1.0.0.90, MR60 versiones anteriores a 1.0.6.110, R7000P versiones anteriores a 1.3.2. 126, RAX20 versiones anteriores a 1.0.2.82, RAX45 versiones anteriores a 1.0.2.72, RAX80 versiones anteriores a 1.0.3.106, EX3800 versiones anteriores a 1.0.0.90, MS60 versiones anteriores a 1.0.6.110, R6900P versiones anteriores a 1.3.2.126, RAX15 versiones anteriores a 1.0.2.82, RAX50 versiones anteriores a 1. 0.2.72, RAX75 versiones anteriores a 1.0.3.106, RBR750 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6 y RBK852 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45670", lastModified: "2024-11-21T06:32:50.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 5.3, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:21.007", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-09 07:15
Modified
2024-11-21 05:20
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", versionEndExcluding: "2.5.0.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por una divulgación de credenciales administrativas. Esto afecta a CBR40 versiones anteriores a 2.5.0.10, RBK752 versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-26900", lastModified: "2024-11-21T05:20:26.793", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:14.370", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062354/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-WiFi-Systems-PSV-2020-0032", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14438", lastModified: "2024-11-21T05:03:16.597", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.953", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061941/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0063", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45561", lastModified: "2024-11-21T06:32:31.513", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.893", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064165/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0059", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064165/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0059", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCDDC785-6FEC-4D94-86D1-8E55FB0CA6C1", versionEndExcluding: "3.2.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ADF65DC4-51D5-4C38-B28D-7EA93B1734A3", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "888A8E0F-93DD-436D-B00C-F469C3BD6E5B", versionEndExcluding: "1.0.0.102", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "160F53B0-8430-4D85-8ABC-0A64B27DDFBD", versionEndExcluding: "1.0.3.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "685E2CA4-AA89-4574-8DB1-7C06D9F0FF2D", versionEndExcluding: "1.0.4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*", matchCriteriaId: "10938043-F7DF-42C3-8C16-F92CAF8E5576", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "930E739E-EFDC-49AB-9155-A71C2B25FCD6", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "87F3EAAB-C4C2-47BA-B87A-3CFF0C52EF21", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", matchCriteriaId: "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "57A029C8-4DE3-4393-BD61-E9562C4E17D8", versionEndExcluding: "1.0.4.118", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*", matchCriteriaId: "5A09A9E8-8C77-4EDB-9483-B3C540EF083A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "94795476-184B-4E7D-9D8B-ECB45609108E", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9F1DAD0-F8B8-48D5-B571-C55636B274C3", versionEndExcluding: "1.0.11.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3A7E8BF-8CC3-4806-89F5-FBE01A36A1FD", versionEndExcluding: "1.3.3.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EF7A1DF8-E9A0-4312-AC37-DEB46E37EE50", versionEndExcluding: "1.0.5.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "255508E6-628A-4C83-BA39-90C9D05197B7", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35:v2:*:*:*:*:*:*:*", matchCriteriaId: "972BB714-8869-42C6-95F6-2C15AFA65716", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "68163CF2-4781-4B87-8E39-62B4DF82A44A", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40:v2:*:*:*:*:*:*:*", matchCriteriaId: "DD5F8B3F-C0D0-496C-A235-A467EA578C28", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220 before 1.0.0.68, D6400 before 1.0.0.102, D8500 before 1.0.3.60, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un usuario autenticado. Esto afecta a CBR750 versiones anteriores a 3.2.18.2, D6220 versiones anteriores a 1.0.0.68, D6400 versiones anteriores a 1.0.0.102, D8500 versiones anteriores a 1.0.3.60, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6.116, MS60 versiones anteriores a 1.0.6.116, R6300v2 versiones anteriores a 1.0.4.50, R6400 versiones anteriores a 1.0. 1.68, R6400v2 versiones anteriores a 1.0.4.118, R6700v3 versiones anteriores a 1.0.4.118, R6900P versiones anteriores a 1.3.3.140, R7000 versiones anteriores a 1.0.11.116, R7000P versiones anteriores a 1.3.3.140, R7850 versiones anteriores a 1.0.5.68, R7900 versiones anteriores a 1.0.4.38, R7900P versiones anteriores a 1.4.2.84, R7960P versiones anteriores a 1.4.2.84, R8000 versiones anteriores a 1. 0.4.68, R8000P versiones anteriores a 1.4.2.84, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX35v2 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX45 versiones anteriores a 1.0.3.96, RAX50 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1. 0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RS400 versiones anteriores a 1.5.1.80 y XR1000 versiones anteriores a 1.0.0.58", }, ], id: "CVE-2021-45604", lastModified: "2024-11-21T06:32:38.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 2.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.900", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14439", lastModified: "2024-11-21T05:03:16.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:13.047", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061942/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0064", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45506", lastModified: "2024-11-21T06:32:22.267", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.183", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064130/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0483", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064130/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0483", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45590", lastModified: "2024-11-21T06:32:36.403", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.257", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0098", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0098", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45577", lastModified: "2024-11-21T06:32:34.223", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.650", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064099/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0085", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064099/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0085", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr40_firmware | * | |
| netgear | cbr40 | - | |
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v_firmware | 2.6.2.4 | |
| netgear | rbs40v | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DCDDC785-6FEC-4D94-86D1-8E55FB0CA6C1", versionEndExcluding: "3.2.18.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA086E1-DB23-4130-B746-D56F5A188C3B", versionEndExcluding: "2.6.2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:2.6.2.4:*:*:*:*:*:*:*", matchCriteriaId: "62E0BEB9-020B-49C0-AF0D-A874CE9AD8B3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBS40V before 2.6.2.4, and RBW30 before 2.6.2.2.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 3.2.18.2, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2. 17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBS40V versiones anteriores a 2.6.2.4 y RBW30 versiones anteriores a 2.6.2.2", }, ], id: "CVE-2021-45628", lastModified: "2024-11-21T06:32:43.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.097", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064125/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0472", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064125/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0472", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK842 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, and RBS750 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25, RBS850 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25 y RBS750 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14433", lastModified: "2024-11-21T05:03:15.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:12.453", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061932/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0035", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 17:15
Modified
2024-11-21 05:03
Severity ?
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk842_firmware | * | |
| netgear | rbk842 | - | |
| netgear | rbr840_firmware | * | |
| netgear | rbr840 | - | |
| netgear | rbs840_firmware | * | |
| netgear | rbs840 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE271234-71E6-4F3A-8F39-DA86D1275331", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "436BED04-0FD2-499B-9D42-F9E0AAA6CB97", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F35DDDEC-A64B-400E-ABF8-E13F432BD261", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "905C4D26-8575-429C-B1D2-FC35C773B129", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F60A549C-0D76-4A83-BBCD-C1D04075809B", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "754ACE12-E256-4B21-ABD5-CB5F3DA4BDC7", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk842:-:*:*:*:*:*:*:*", matchCriteriaId: "0E9B19B2-5FF1-4C85-8504-C33C34F072B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D19A1E4D-30F2-4263-B4BE-273EED14702E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr840:-:*:*:*:*:*:*:*", matchCriteriaId: "4489CB05-A1C0-408C-8D8C-56EE98CA20E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "44ED0285-F862-44B9-B0EE-C2FDC42706A2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs840:-:*:*:*:*:*:*:*", matchCriteriaId: "84AEA27B-8BEA-4E83-819A-FDAC1881928F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7300226F-8997-4142-8DAC-682F0E313072", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A553C5A2-EB80-4314-A623-8F489A4E74E2", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86A9DFB9-8429-45DB-84E8-30F37535145E", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4FC4E2F-711C-432A-91FE-27CB1EE41A33", versionEndExcluding: "3.2.15.25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.15.25, RBK753 versiones anteriores a 3.2.15.25, RBK753S versiones anteriores a 3.2.15.25, RBR750 versiones anteriores a 3.2.15.25, RBS750 versiones anteriores a 3.2.15.25, RBK842 versiones anteriores a 3.2.15.25, RBR840 versiones anteriores a 3.2.15.25, RBS840 versiones anteriores a 3.2.15.25, RBK852 versiones anteriores a 3.2.15.25, RBK853 versiones anteriores a 3.2.15.25, RBR850 versiones anteriores a 3.2.15.25 y RBS850 versiones anteriores a 3.2.15.25", }, ], id: "CVE-2020-14441", lastModified: "2024-11-21T05:03:17.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T17:15:13.233", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000061946/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0071", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45574", lastModified: "2024-11-21T06:32:33.713", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.507", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064096/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064096/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0082", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45587", lastModified: "2024-11-21T06:32:35.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.117", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064109/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0095", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064109/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0095", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk753_firmware | * | |
| netgear | rbk753 | - | |
| netgear | rbk753s_firmware | * | |
| netgear | rbk753s | - | |
| netgear | rbk754_firmware | * | |
| netgear | rbk754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8EF8E22-9DC7-4A42-99E0-A6822F647DF7", versionEndExcluding: "2.6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1723D5F-FFDB-4E4D-80B7-4B28598D5895", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*", matchCriteriaId: "56AE9F2F-50F1-4917-BB21-FAEE6AACB14E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0D041B9F-37E4-48A9-9841-85EFFF7FA1D1", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*", matchCriteriaId: "192647CA-5BFC-4021-A91D-7CB8761FA137", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E6E6FDC1-BB17-454A-9B3A-5FB1F705C56B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*", matchCriteriaId: "F8BF464E-63DB-4AC4-9B5D-E3ECDC000305", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un atacante no autenticado. Esto afecta a RBW30 versiones anteriores a 2.6.2.2, RBK852 versiones anteriores a 3.2.17.12, RBK853 versiones anteriores a 3.2.17.12, RBK854 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17. 12, RBK752 versiones anteriores a 3.2.17.12, RBK753 versiones anteriores a 3.2.17.12, RBK753S versiones anteriores a 3.2.17.12, RBK754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29081", lastModified: "2024-11-21T06:00:40.503", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:14.310", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063012/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-WiFi-Systems-PSV-2020-0465", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | ex7500_firmware | * | |
| netgear | ex7500 | - | |
| netgear | rbs40v_firmware | * | |
| netgear | rbs40v | - | |
| netgear | rbw30_firmware | * | |
| netgear | rbw30 | - | |
| netgear | rbke963_firmware | * | |
| netgear | rbke963 | - | |
| netgear | rbre960_firmware | * | |
| netgear | rbre960 | - | |
| netgear | rbse960_firmware | * | |
| netgear | rbse960 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2240C06-A117-48E6-9576-C58F3314A160", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D05F28-47A2-46AE-992E-132B34F6194B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F388398-842E-40B1-9ACC-2D9A15D2BF2A", versionEndExcluding: "2.6.1.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*", matchCriteriaId: "FEA73D22-970D-45F2-81F3-9576C04CCC94", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbke963_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D52E6698-739A-4CD2-9FF4-37BB26641A84", versionEndExcluding: "6.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbke963:-:*:*:*:*:*:*:*", matchCriteriaId: "2A373427-186D-4741-9751-211FA26DA3CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbre960_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "49A5CF62-650B-4579-8527-F1D876D7D8B7", versionEndExcluding: "6.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbre960:-:*:*:*:*:*:*:*", matchCriteriaId: "314FF95E-5A0C-4A6B-B8D6-28546F2C1A12", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbse960_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A33F65C-6916-479C-B5F7-FCA5C158A213", versionEndExcluding: "6.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbse960:-:*:*:*:*:*:*:*", matchCriteriaId: "419AF785-61C6-4911-A170-6A06D7991948", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una denegación de servicio. Esto afecta a EX7500 versiones anteriores a 1.0.0.72, a RBS40V versiones anteriores a 2.6.1.4, a RBW30 versiones anteriores a 2.6.1.4, a RBRE960 versiones anteriores a 6.0.3.68, a RBSE960 versiones anteriores a 6.0.3.68, a RBR750 versiones anteriores a 3.2.17.12, a RBR850 versiones anteriores a 3.2.10.11. 2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBK752 versiones anteriores a 3.2.17.12 y RBK852 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45515", lastModified: "2024-11-21T06:32:23.680", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:13.627", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45570", lastModified: "2024-11-21T06:32:33.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.327", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064092/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0078", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45571", lastModified: "2024-11-21T06:32:33.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.370", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064093/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064093/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0079", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before 1.0.4.106, R8000P before 1.4.1.66, RAX20 before 1.0.2.64, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, R6700v3 before 1.0.4.106, R7900P before 1.4.1.66, RAX15 before 1.0.2.64, RAX50 before 1.0.2.82, RAX75 before 1.0.3.106, RBR750 before 3.2.16.22, RBR850 before 3.2.16.22, RBS750 before 3.2.16.22, RBS850 before 3.2.16.22, RBK752 before 3.2.16.22, and RBK852 before 3.2.16.22.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42805332-33C3-49EB-9A55-952FA3E76A0B", versionEndExcluding: "1.0.0.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax20:-:*:*:*:*:*:*:*", matchCriteriaId: "A9D3B54B-33C0-4E50-AD2B-2097C612F288", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1344C924-0296-4F49-BF9F-113BB643CDD5", versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:eax80:-:*:*:*:*:*:*:*", matchCriteriaId: "97740F5D-063E-424F-A0FE-09EBE1100975", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9F4EEE-E2D2-42B2-BC5C-844055677C1C", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7500:-:*:*:*:*:*:*:*", matchCriteriaId: "44336289-F9DA-4779-8C1A-0221E29E2E2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "930E739E-EFDC-49AB-9155-A71C2B25FCD6", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "839A9EBE-5F14-4695-8040-7D5607F8E248", versionEndExcluding: "1.3.2.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*", matchCriteriaId: "C41908FF-AE64-4949-80E3-BEE061B2DA8A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D9F1DAD0-F8B8-48D5-B571-C55636B274C3", versionEndExcluding: "1.0.11.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EAF3EA40-79FB-4D2C-A8AF-A04820745C4D", versionEndExcluding: "1.3.2.132", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*", matchCriteriaId: "DFE55F4D-E98B-46D3-B870-041141934CD1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5B717BA8-81B7-470C-BF20-A4318D063D77", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F5A371E-41CA-4C5A-8DDC-3BD197F49096", versionEndExcluding: "1.0.4.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95AF0FA9-F2C5-4D84-BF37-AA8CB6EC3C4A", versionEndExcluding: "1.5.1.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rs400:-:*:*:*:*:*:*:*", matchCriteriaId: "2700644E-0940-4D05-B3CA-904D91739E58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3AE70236-D1C6-4B58-8385-1FA5F71916AF", versionEndExcluding: "1.0.3.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr300:-:*:*:*:*:*:*:*", matchCriteriaId: "5590CF28-B88A-4755-904B-1BC1778FBEDD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "525B767F-5A8A-4E6C-8585-BCBB05948B2D", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A95F7AFD-13E8-49B7-BA80-D8BC61C254FE", versionEndExcluding: "1.0.4.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "101031E9-479E-4F86-B83A-19376F8C8A45", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA18981F-7951-4BD5-9471-B4CD0D51D20B", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C3C502A5-DE6F-4807-817C-7D097D4058A6", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A33291E-18F7-452C-A5EF-7B3C2D087704", versionEndExcluding: "1.0.4.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "65F881E3-22B3-40D9-A896-51B13FD09EAA", versionEndExcluding: "1.4.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6233EAE2-4B6F-417A-84DB-32F2D2B8316E", versionEndExcluding: "1.0.2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7B1506EC-709B-4A5D-9CA9-4038C5F0B150", versionEndExcluding: "1.0.2.82", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "312443FE-741B-4D78-8ACE-B21758D34769", versionEndExcluding: "3.2.16.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "23F1DF08-6E1C-43F5-A7F4-98A3C4B3ACE0", versionEndExcluding: "3.2.16.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4C2D9DA7-7408-4076-B596-5ADB2E990FA3", versionEndExcluding: "3.2.16.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "430F3059-40B9-45DC-B62B-2C657478CA3E", versionEndExcluding: "3.2.16.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C44212CB-5096-4330-A252-E0A1D9E0D291", versionEndExcluding: "3.2.16.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E2E64953-F629-462E-AE4B-30DE927FBFF1", versionEndExcluding: "3.2.16.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before 1.0.4.106, R8000P before 1.4.1.66, RAX20 before 1.0.2.64, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, R6700v3 before 1.0.4.106, R7900P before 1.4.1.66, RAX15 before 1.0.2.64, RAX50 before 1.0.2.82, RAX75 before 1.0.3.106, RBR750 before 3.2.16.22, RBR850 before 3.2.16.22, RBS750 before 3.2.16.22, RBS850 before 3.2.16.22, RBK752 before 3.2.16.22, and RBK852 before 3.2.16.22.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, EAX20 versiones anteriores a 1.0.0.48, EAX80 versiones anteriores a 1.0.1.64, EX7500 versiones anteriores a 1.0.0.72, R6400 versiones anteriores a 1.0.1.68, R6900P versiones anteriores a 1.3.2.132, R7000 versiones anteriores a 1.0.11.116, R7000P versiones anteriores a 1.3.2. 132, R7900 versiones anteriores a 1.0.4.38, R7960P versiones anteriores a 1.4.1.66, R8000 versiones anteriores a 1.0.4.66, RAX200 versiones anteriores a 1.0.3.106, RS400 versiones anteriores a 1.5.1.80, XR300 versiones anteriores a 1.0.3.68, MK62 versiones anteriores a 1.0.6.110, MR60 versiones anteriores a 1.0.6.110, R6400v2 versiones anteriores a 1. 0.4.106, R8000P versiones anteriores a 1.4.1.66, RAX20 versiones anteriores a 1.0.2.64, RAX45 versiones anteriores a 1.0.2.82, RAX80 versiones anteriores a 1.0.3.106, MS60 versiones anteriores a 1.0.6.110, R6700v3 versiones anteriores a 1.0.4.106, R7900P versiones anteriores a 1.4.1.66, RAX15 versiones anteriores a 1.0.2. 64, RAX50 versiones anteriores a 1.0.2.82, RAX75 versiones anteriores a 1.0.3.106, RBR750 versiones anteriores a 3.2.16.22, RBR850 versiones anteriores a 3.2.16.22, RBS750 versiones anteriores a 3.2.16.22, RBS850 versiones anteriores a 3.2.16.22, RBK752 versiones anteriores a 3.2.16.22 y RBK852 versiones anteriores a 3.2.16.22", }, ], id: "CVE-2021-45617", lastModified: "2024-11-21T06:32:41.140", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.567", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064505/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0156", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064505/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0156", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | mr60_firmware | * | |
| netgear | mr60 | - | |
| netgear | rax45_firmware | * | |
| netgear | rax45 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | ms60_firmware | * | |
| netgear | ms60 | - | |
| netgear | rax50_firmware | * | |
| netgear | rax50 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | r7900_firmware | * | |
| netgear | r7900 | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7932C371-669C-43C0-94A4-17BD4BDE8C74", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E445DBA-2B45-410C-9288-1A4472452CE1", versionEndExcluding: "1.0.6.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8B99059-161F-42D4-8AD8-478ABB7DE4B6", versionEndExcluding: "1.0.2.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "96390A31-03B8-477B-8710-F797CB44E741", versionEndExcluding: "1.0.4.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*", matchCriteriaId: "C484840F-AF30-4B5C-821A-4DB9BE407BDB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D10E41DC-982F-444A-9A4D-82EC2BA64199", versionEndExcluding: "1.0.4.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a R7900 versiones anteriores a 1.0.4.38, a R7900P versiones anteriores a 1.4.2.84, a R8000 versiones anteriores a 1.0.4.68, a R8000P versiones anteriores a 1.4.2.84, a RAX200 versiones anteriores a 1.0.3.106, al MR60 versiones anteriores a 1.0.6.110, a RAX45 versiones anteriores a 1.0.2.72, a RAX80 versiones anteriores a 1.0.3.106, al MS60 versiones anteriores a 1. 0.6.110, RAX50 versiones anteriores a 1.0.2.72, RAX75 versiones anteriores a 1.0.3.106, RBR750 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBK752 versiones anteriores a 3.2.16.6 y RBK852 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45541", lastModified: "2024-11-21T06:32:27.987", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:14.937", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-23 07:15
Modified
2024-11-21 06:00
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2.17.12, RBR753 before 3.2.17.12, RBR753S before 3.2.17.12, RBR754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbk853_firmware | * | |
| netgear | rbk853 | - | |
| netgear | rbk854_firmware | * | |
| netgear | rbk854 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbr752_firmware | * | |
| netgear | rbr752 | - | |
| netgear | rbr753_firmware | * | |
| netgear | rbr753 | - | |
| netgear | rbr753s_firmware | * | |
| netgear | rbr753s | - | |
| netgear | rbr754_firmware | * | |
| netgear | rbr754 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "64DF0B69-B591-47B6-88C1-82544AA3DE9B", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*", matchCriteriaId: "4479CEAD-3B87-4993-80C8-1AE59242CFA4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "106863FF-9BE9-4C18-9A86-C458FF9EBDD6", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*", matchCriteriaId: "01D12702-8B86-419C-8636-1259FD2D5844", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CCE2E74C-7472-41C9-B48B-4F6D09819694", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr752:-:*:*:*:*:*:*:*", matchCriteriaId: "7A727637-4CB0-4CDF-86D6-91B72E8F1A67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr753_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1B8A2AE8-D24F-4FE9-BCB5-629F879CD921", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr753:-:*:*:*:*:*:*:*", matchCriteriaId: "749C2A47-CC43-433F-8FC7-EAC9853E32AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr753s_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "725B56D3-FE36-4A77-B723-A7A3D8DD0443", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr753s:-:*:*:*:*:*:*:*", matchCriteriaId: "C08A0E20-90A3-4D49-8E06-97944C3EF312", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr754_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EAC29540-B53A-4033-B998-8E6BAB033FF5", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr754:-:*:*:*:*:*:*:*", matchCriteriaId: "DE7FE0A5-16D7-4AEC-A3B1-940F44E5492F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBR752 before 3.2.17.12, RBR753 before 3.2.17.12, RBR753S before 3.2.17.12, RBR754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autentificado. Esto afecta a RBK852 versiones anteriores a 3.2.17.12, RBK853 versiones anteriores a 3.2.17.12, RBK854 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, RBR752 versiones anteriores a 3. 2.17.12, RBR753 versiones anteriores a 3.2.17.12, RBR753S versiones anteriores a 3.2.17.12, RBR754 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12 y RBS750 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-29071", lastModified: "2024-11-21T06:00:38.910", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-23T07:15:13.560", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000063008/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0476", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7483E92A-5858-49B5-9499-E132941F5ACD", versionEndExcluding: "2.5.0.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C2D1C234-22F1-4837-9D04-059170A97072", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "48709EA4-81F3-4CF1-B9A8-5379309914B0", versionEndExcluding: "1.1.6.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*", matchCriteriaId: "491CEB8D-22F3-4F86-96F0-03C5C58BA295", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE40C2D0-0863-4E0F-B3E7-6FD043B46467", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*", matchCriteriaId: "69A79475-37BE-47BD-A629-DCEF22500B0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA438541-75AE-4D6B-AB56-02760D08D465", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*", matchCriteriaId: "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2234C485-F411-48CC-9A0B-AA49B6961E38", versionEndExcluding: "1.0.6.116", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*", matchCriteriaId: "F003F064-591C-4D7C-9EC4-D0E553BC6683", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2268D5EF-E7FA-4112-A468-507417E18FFF", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*", matchCriteriaId: "B624B4D3-BCF4-4F95-B401-A88BEC3145A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31289572-2197-4A38-8353-CA4AAD491160", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*", matchCriteriaId: "7038703C-C79D-4DD4-8B16-E1A5FC6694C0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax35v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "841D857C-3387-43E0-A3AF-0E81CBEE3E40", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax35v2:-:*:*:*:*:*:*:*", matchCriteriaId: "9358B2F2-D24E-434D-AEE5-6CE093598793", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax40v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4FF0E5B9-8D2D-4A3F-881E-2E3122B3577C", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax40v2:-:*:*:*:*:*:*:*", matchCriteriaId: "3CEAD12D-6D90-4CFB-9E59-2CEBD400C567", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax43_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AC89EAA-344C-438E-A5A5-2C34CF699743", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*", matchCriteriaId: "178BB386-F66C-4CE8-9283-37D22B304691", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0706367A-3F60-4564-8689-E0A46DDC31C2", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*", matchCriteriaId: "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "679C4EC5-D17E-469B-A28F-BF5E231CED3D", versionEndExcluding: "1.0.3.96", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*", matchCriteriaId: "C430976E-24C0-4EA7-BF54-F9C188AB9C01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr1000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F615F516-29EF-4C15-9E18-C5D4F6291A38", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr1000:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD4ED11-4130-47DA-8A9D-55B8F6E3E213", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:mr80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29757651-068E-4646-AAD8-2CF8FD08B34C", versionEndExcluding: "1.1.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:mr80:-:*:*:*:*:*:*:*", matchCriteriaId: "2A086E76-3F23-4C21-AC96-F11372A8A186", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ms80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1582E16D-ACEE-4E33-9D52-9DD25C035EA8", versionEndExcluding: "1.1.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ms80:-:*:*:*:*:*:*:*", matchCriteriaId: "DE1A0669-790A-4EE7-A0DC-6E1023D6B4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a CBR40 versiones anteriores a 2.5.0.24, CBR750 versiones anteriores a 4.6.3.6, D7000v2 versiones anteriores a 1.0.0.74, LAX20 versiones anteriores a 1.1.6.28, MK62 versiones anteriores a 1.0.6.116, MR60 versiones anteriores a 1.0.6. 116, MS60 versiones anteriores a 1.0.6.116, MR80 versiones anteriores a 1.1.2.20, MS80 versiones anteriores a 1.1.2.20, RAX15 versiones anteriores a 1.0.3.96, RAX20 versiones anteriores a 1.0.3.96, RAX200 versiones anteriores a 1.0.4.120, RAX45 versiones anteriores a 1.0.3. 96, RAX50 versiones anteriores a 1.0.3.96, RAX43 versiones anteriores a 1.0.3.96, RAX40v2 versiones anteriores a 1.0.3.96, RAX35v2 versiones anteriores a 1.0.3.96, RAX75 versiones anteriores a 1.0.4.120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3. 2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS850 versiones anteriores a 3.2.17.12, y XR1000 versiones anteriores a 1.0.0.58", }, ], id: "CVE-2021-45613", lastModified: "2024-11-21T06:32:40.303", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:18.383", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45578", lastModified: "2024-11-21T06:32:34.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.697", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064100/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064100/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0086", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rbk752 | - | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04513F08-329D-446F-A356-29074C1C0BEA", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34D7AF28-F117-4E31-AED8-A3179B1BE182", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C0318AD0-52A7-490F-94C1-D07C97370D2C", versionEndExcluding: "1.0.3.106", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RAX200 versiones anteriores a 1.0.3.106, RAX80 versiones anteriores a 1.0.3.106, RAX75 versiones anteriores a 1.0.3.106, RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45535", lastModified: "2024-11-21T06:32:26.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:14.647", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r7850_firmware | * | |
| netgear | r7850 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r7960p_firmware | * | |
| netgear | r7960p | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8491F80C-E57A-4862-B969-F43799A47D06", versionEndExcluding: "1.0.5.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A662FDCF-DC41-4DC9-B77E-BE1D636AC0B3", versionEndExcluding: "1.0.4.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a R7850 versiones anteriores a 1.0.5.74, a R7900P versiones anteriores a 1.4.2.84, a R7960P versiones anteriores a 1.4.2.84, a R8000 versiones anteriores a 1.0.4.74, a R8000P versiones anteriores a 1.4.2.84, a RAX200 versiones anteriores a 1.0.4.120, a RAX75 versiones anteriores a 1.0.4. 120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45546", lastModified: "2024-11-21T06:32:28.830", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.177", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064524/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0566", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064524/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0566", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | cbr750_firmware | * | |
| netgear | cbr750 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A87D3ACB-B5A3-4F1F-BF46-73C0AD690D8C", versionEndExcluding: "4.6.3.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "CBD14EFC-C6EF-485B-A594-73B8525704A5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una omisión de autenticación. Esto afecta a CBR750 versiones anteriores a 4.6.3.6, RBK752 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45502", lastModified: "2024-11-21T06:32:21.600", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:12.983", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45565", lastModified: "2024-11-21T06:32:32.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.083", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064086/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064086/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0069", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45592", lastModified: "2024-11-21T06:32:36.713", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.347", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064114/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0100", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064114/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0100", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45591", lastModified: "2024-11-21T06:32:36.560", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.300", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064113/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0099", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064113/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0099", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | r7850_firmware | * | |
| netgear | r7850 | - | |
| netgear | r7900p_firmware | * | |
| netgear | r7900p | - | |
| netgear | r7960p_firmware | * | |
| netgear | r7960p | - | |
| netgear | r8000_firmware | * | |
| netgear | r8000 | - | |
| netgear | r8000p_firmware | * | |
| netgear | r8000p | - | |
| netgear | rax200_firmware | * | |
| netgear | rax200 | - | |
| netgear | rax75_firmware | * | |
| netgear | rax75 | - | |
| netgear | rax80_firmware | * | |
| netgear | rax80 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - | |
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8491F80C-E57A-4862-B969-F43799A47D06", versionEndExcluding: "1.0.5.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7850:-:*:*:*:*:*:*:*", matchCriteriaId: "DAF94D73-B6D0-4334-9A41-83AA92B7C6DF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA344C08-94F1-47F8-9607-3D854B890E19", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33B2293C-09AD-4B5A-B2A0-923E2B9923AA", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7960p:-:*:*:*:*:*:*:*", matchCriteriaId: "091CEDB5-0069-4253-86D8-B9FE17CB9F24", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A662FDCF-DC41-4DC9-B77E-BE1D636AC0B3", versionEndExcluding: "1.0.4.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*", matchCriteriaId: "5B39F095-8FE8-43FD-A866-7B613B495984", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4905D866-2326-487F-AAA5-96ABA0DBD56E", versionEndExcluding: "1.4.2.84", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6334DE4D-E78B-4582-9C6F-6123DA5192C7", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*", matchCriteriaId: "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDF9F3BA-4239-4F4D-A65E-A6752A5420F6", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*", matchCriteriaId: "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "334BB384-5C29-4D24-9F82-B8EE8D0CA8BF", versionEndExcluding: "1.0.4.120", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*", matchCriteriaId: "06B5A85C-3588-4263-B9AD-4E56D3F6CB16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "845C1FCC-F54B-452A-B121-1CD1A7867027", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "01E0EF50-145F-407A-8915-4EFFCD833505", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DC5A075-0619-409C-B057-41015B8C54B3", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8D90FF3-F5CE-43DF-ACF7-C64DBDCCA185", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B6AE1767-9D9A-4E9E-B088-6727FACFDE5C", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F614A1AB-F0C0-45D7-8D91-ECA3C1AA9165", versionEndExcluding: "3.2.17.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, and RBS850 before 3.2.17.12.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a R7850 versiones anteriores a 1.0.5.74, a R7900P versiones anteriores a 1.4.2.84, a R7960P versiones anteriores a 1.4.2.84, a R8000 versiones anteriores a 1.0.4.74, a R8000P versiones anteriores a 1.4.2.84, a RAX200 versiones anteriores a 1.0.4.120, a RAX75 versiones anteriores a 1.0.4. 120, RAX80 versiones anteriores a 1.0.4.120, RBK752 versiones anteriores a 3.2.17.12, RBK852 versiones anteriores a 3.2.17.12, RBR750 versiones anteriores a 3.2.17.12, RBR850 versiones anteriores a 3.2.17.12, RBS750 versiones anteriores a 3.2.17.12 y RBS850 versiones anteriores a 3.2.17.12", }, ], id: "CVE-2021-45547", lastModified: "2024-11-21T06:32:29.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.227", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064525/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0567", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064525/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0567", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45569", lastModified: "2024-11-21T06:32:32.893", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:16.277", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064091/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0077", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064091/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0077", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-21 18:15
Modified
2024-11-21 07:16
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbs750_firmware | 4.6.8.5 | |
| netgear | rbs750 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:4.6.8.5:*:*:*:*:*:*:*", matchCriteriaId: "7CE366C8-EEC7-4725-AA02-C4ED5E204E01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.", }, ], id: "CVE-2022-38452", lastModified: "2024-11-21T07:16:30.377", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "talos-cna@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-21T18:15:12.193", references: [ { source: "talos-cna@cisco.com", url: "https://kb.netgear.com/000065567/Security-Advisory-for-Post-authentication-Command-Injection-on-the-RBR750-PSV-2022-0186", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kb.netgear.com/000065567/Security-Advisory-for-Post-authentication-Command-Injection-on-the-RBR750-PSV-2022-0186", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1595", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1595", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-912", }, ], source: "talos-cna@cisco.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.4 (High) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbk752_firmware | * | |
| netgear | rbk752 | - | |
| netgear | rbr750_firmware | * | |
| netgear | rbr750 | - | |
| netgear | rbs750_firmware | * | |
| netgear | rbs750 | - | |
| netgear | rbk852_firmware | * | |
| netgear | rbk852 | - | |
| netgear | rbr850_firmware | * | |
| netgear | rbr850 | - | |
| netgear | rbs850_firmware | * | |
| netgear | rbs850 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDD03FFF-ECAF-4527-A195-559DF479A0F2", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*", matchCriteriaId: "A45832BD-114D-42F1-B9F1-7532496D30A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*", matchCriteriaId: "C13F5C69-FA9B-472A-9036-0C2967BDCDE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C144D71-6C10-44CD-BFF9-907A92F0432C", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*", matchCriteriaId: "B529194C-C440-4BC3-850F-0613FC548F86", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*", matchCriteriaId: "14F257FE-31CE-4F74-829D-29407D74ADF7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FE13548D-0A26-45C1-8424-D4705EB105EA", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*", matchCriteriaId: "D92E4C8E-222A-476C-8273-F7171FC61F0B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "041D94DE-78C9-475C-9FAE-0B081C69B55F", versionEndExcluding: "3.2.16.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*", matchCriteriaId: "221CA950-E984-44CD-9E1B-3AADE3CEBE52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a RBK752 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6 y RBS850 versiones anteriores a 3.2.16.6", }, ], id: "CVE-2021-45586", lastModified: "2024-11-21T06:32:35.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.070", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064108/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0094", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000064108/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0094", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }