cvelistv5 - cve-2021-27256

cve-2021-27256

Vulnerability from cvelistv5

Published

2021-03-05 20:00

Modified

2024-08-03 20:48

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.

References

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders	Patch, Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-21-262/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-262/	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	NETGEAR	R7800	Version: firmware version 1.0.2.76

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T20:48:16.076Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "R7800",
               vendor: "NETGEAR",
               versions: [
                  {
                     status: "affected",
                     version: "firmware version 1.0.2.76",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "takeshi",
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-03-05T20:00:25",
            orgId: "99f1926a-a320-47d8-bbb5-42feb611262e",
            shortName: "zdi",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "zdi-disclosures@trendmicro.com",
               ID: "CVE-2021-27256",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "R7800",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "firmware version 1.0.2.76",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "NETGEAR",
                     },
                  ],
               },
            },
            credit: "takeshi",
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
                  },
               ],
            },
            impact: {
               cvss: {
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
                     refsource: "MISC",
                     url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
                  },
                  {
                     name: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
                     refsource: "MISC",
                     url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e",
      assignerShortName: "zdi",
      cveId: "CVE-2021-27256",
      datePublished: "2021-03-05T20:00:25",
      dateReserved: "2021-02-16T00:00:00",
      dateUpdated: "2024-08-03T20:48:16.076Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2021-27256\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2021-03-05T20:15:12.550\",\"lastModified\":\"2024-11-21T05:57:42.160\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.\"},{\"lang\":\"es\",\"value\":\"Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar código arbitrario en instalaciones afectadas de NETGEAR R7800 versión de firmware 1.0.2.76.&#xa0;Aunque es requerida una autenticación para explotar esta vulnerabilidad, el mecanismo de autentificación existente puede ser omitido.&#xa0;El fallo específico se presenta dentro del manejo del parámetro rc_service proporcionado para el archivo apply_save.cgi.&#xa0;El problema resulta de la falta de comprobación apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.&#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root.&#xa0;Era ZDI-CAN-12355\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":8.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.0.5\",\"matchCriteriaId\":\"9680E98E-021B-4C71-AAA0-AEF49C6AD95F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED01605-09B9-417E-AE6F-1F62888A0C93\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.0.5\",\"matchCriteriaId\":\"89EDAF30-2238-495C-920F-F32CC17C046B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"261C0D85-C951-4F0C-B9C4-0E42B15834EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.60\",\"matchCriteriaId\":\"6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA2D4987-3726-4A72-8D32-592F59FAC46D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.98\",\"matchCriteriaId\":\"53C5C134-0778-4098-B8B4-F9589516C297\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.98\",\"matchCriteriaId\":\"597D1ED8-FE6A-4325-83AB-5CA544CFA1AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5828F04B-E373-4E4F-942D-08CCA038418C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.158\",\"matchCriteriaId\":\"9A60E332-CA18-4617-B7C1-4BE82470DE34\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1289BBB4-1955-46A4-B5FE-BF11153C24F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"208CF907-B3ED-4A7D-BA5B-16A00F44683D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5882095F-B22A-4937-BA08-6640140F10AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"74ED019D-C07A-44BE-BD3E-30885C748DDA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C63267D8-4632-4D14-B39C-BEEC62AD8F87\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"34EB68F4-B710-47C9-A01B-A6361B185A19\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B2C00E1-4A23-4304-B92F-B7D9F4818D90\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.158\",\"matchCriteriaId\":\"374F6EAA-A607-4A8F-BA86-EA770BA99189\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F285D60D-A5DA-4467-8F79-15EF8135D007\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"E02DD6E2-3A3E-4857-9761-1B40FFA4E755\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A88D2A3-3B22-4639-94E9-69CE80F37392\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"E53DAB63-389B-4B73-8F75-231320DC71C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.216\",\"matchCriteriaId\":\"D8DC1B77-994C-473C-AC97-7CC06341C607\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.232\",\"matchCriteriaId\":\"B4F00B47-FFC8-4D45-B49E-8347504A9A4C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D9781C9-799A-4BDA-A027-987627A01633\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.3.50\",\"matchCriteriaId\":\"37C80013-2E0F-459F-BE08-18D60B109AC0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"863E45EA-2DA0-4C9A-9B87-79E42B3FF97C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.80\",\"matchCriteriaId\":\"3A43D307-64B1-46BF-8237-75518D1703CC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17CF7445-6950-45FE-9D1A-E23F63316329\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.28\",\"matchCriteriaId\":\"01F57C27-EB5A-4F3E-ADF7-684DF8860DA2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F859165-8D89-4CDD-9D48-9C7923D2261F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.28\",\"matchCriteriaId\":\"8F67B805-17B5-4053-8399-0AFB2EF6E1D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"2135FFEC-0437-43C6-B146-3EF43E1B007B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5465A78-4826-4F72-9CBE-528CBF286A79\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"5A413E57-A780-486E-AF85-EE460C99D696\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"783EEEE0-BB9A-4C54-82B2-046B1033091C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"E19C965E-FA8D-4B42-BCB1-23788621DF45\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B801EC38-5B86-49F2-AB81-63F0F07A9BBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"DAA4BD93-AE89-4506-936F-26C605685193\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6C9F31C-3E12-4787-9C9B-14883D9D152A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"33146BAB-5A18-4A1F-BDD8-3BB33200CDB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D7D346-6F52-4473-A4EA-6059C177BF0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"85AD5F45-F940-4FB5-B4D4-E44D816A3449\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"564B0FDF-7159-42EA-9CAA-BEF791274915\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC2B9C48-9FE6-462B-88EE-046F15E66430\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"998C6A17-5ADC-47F1-AF63-9B425143C086\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5604E66-E9CC-4B78-AF6A-2341B30E3594\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"252643DB-46F7-41E9-96E0-0669DD486E5F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1924FC8B-4031-4EA3-B214-AF6F77D94654\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"1FBFA62B-2EBC-426A-98DC-235879902E72\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA66D07-D017-49D6-8E72-5C48E940DE1B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"66034CFD-1303-4B90-AF70-18B7EDBEFE32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF03B2BB-34BB-4A0D-81CD-1841E524F885\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"237758B3-C096-465F-95C4-EB3F9835D91F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DADAA79-9A5C-4B6F-A58D-704ACD1C3334\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"217B0E6E-BCC9-4D12-ADD4-E2C65323018B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE5DBD66-9C2A-4EFF-87AB-03E791D584B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"C8E13FC6-D0BF-4674-8A3B-FF5D81B15059\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E20E59-2B1E-4E43-A494-2C20FD716D4F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"82504AE8-4D6F-4A49-A611-FBFB303CD237\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2CAEA32-6934-4743-9E6B-22D52AC5E7F8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"41B066B3-37CD-4839-909B-A8EC636E5F11\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32BAB5C0-F645-4A90-833F-6345335FA1AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"9CED8944-D61A-4FDA-A9DB-76CBED16F338\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FDCDE39-0355-43B9-BF57-F3718DA2988D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BCFD959-D522-4FA0-AD01-2937DAEE1EDF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"56489CFF-D34F-4C66-B69B-FB2CE4333D75\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F93A76-6EFF-4DA6-9129-4792E2C125D4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.2.114\",\"matchCriteriaId\":\"FF01111F-8A37-4366-A63E-210E6CE0DB0E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.2.114\",\"matchCriteriaId\":\"4476F0C6-0A7D-4735-940C-F5C75316EEE9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.38\",\"matchCriteriaId\":\"1D92A0CE-769D-402F-8FD7-BDD8DF247CFD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12892C8-5E01-49A6-BF47-09D630377093\"}]}]}],\"references\":[{\"url\":\"https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-262/\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-262/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}",
   },
}

fkie_cve-2021-27256

Vulnerability from fkie_nvd

Published

2021-03-05 20:15

Modified

2024-11-21 05:57

Severity ?

8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders	Patch, Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-21-262/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-262/	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
netgear	br200_firmware	*
netgear	br200	-
netgear	br500_firmware	*
netgear	br500	-
netgear	d7800_firmware	*
netgear	d7800	-
netgear	ex6100v2_firmware	*
netgear	ex6100v2	-
netgear	ex6150v2_firmware	*
netgear	ex6150v2	-
netgear	ex6250_firmware	*
netgear	ex6250	-
netgear	ex6400_firmware	*
netgear	ex6400	-
netgear	ex6400v2_firmware	*
netgear	ex6400v2	-
netgear	ex6410_firmware	*
netgear	ex6410	-
netgear	ex6420_firmware	*
netgear	ex6420	-
netgear	ex7300_firmware	*
netgear	ex7300	-
netgear	ex7300v2_firmware	*
netgear	ex7300v2	-
netgear	ex7320_firmware	*
netgear	ex7320	-
netgear	ex7700_firmware	*
netgear	ex7700	-
netgear	ex8000_firmware	*
netgear	ex8000	-
netgear	lbr20_firmware	*
netgear	lbr20	-
netgear	r7800_firmware	*
netgear	r7800	-
netgear	r8900_firmware	*
netgear	r8900	-
netgear	r9000_firmware	*
netgear	r9000	-
netgear	rbk12_firmware	*
netgear	rbk12	-
netgear	rbk13_firmware	*
netgear	rbk13	-
netgear	rbk14_firmware	*
netgear	rbk14	-
netgear	rbk15_firmware	*
netgear	rbk15	-
netgear	rbk20_firmware	*
netgear	rbk20	-
netgear	rbk23_firmware	*
netgear	rbk23	-
netgear	rbk40_firmware	*
netgear	rbk40	-
netgear	rbk43_firmware	*
netgear	rbk43	-
netgear	rbk43s_firmware	*
netgear	rbk43s	-
netgear	rbk44_firmware	*
netgear	rbk44	-
netgear	rbk50_firmware	*
netgear	rbk50	-
netgear	rbk53_firmware	*
netgear	rbk53	-
netgear	rbr10_firmware	*
netgear	rbr10	-
netgear	rbr20_firmware	*
netgear	rbr20	-
netgear	rbr40_firmware	*
netgear	rbr40	-
netgear	rbr50_firmware	*
netgear	rbr50	-
netgear	rbs10_firmware	*
netgear	rbs10	-
netgear	rbs20_firmware	*
netgear	rbs20	-
netgear	rbs40_firmware	*
netgear	rbs40	-
netgear	rbs50_firmware	*
netgear	rbs50	-
netgear	rbs50y_firmware	*
netgear	rbs50y	-
netgear	xr450_firmware	*
netgear	xr450	-
netgear	xr500_firmware	*
netgear	xr500	-
netgear	xr700_firmware	*
netgear	xr700	-

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9680E98E-021B-4C71-AAA0-AEF49C6AD95F",
                     versionEndExcluding: "5.10.0.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CED01605-09B9-417E-AE6F-1F62888A0C93",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89EDAF30-2238-495C-920F-F32CC17C046B",
                     versionEndExcluding: "5.10.0.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "261C0D85-C951-4F0C-B9C4-0E42B15834EE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD",
                     versionEndExcluding: "1.0.1.60",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "53C5C134-0778-4098-B8B4-F9589516C297",
                     versionEndExcluding: "1.0.1.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "597D1ED8-FE6A-4325-83AB-5CA544CFA1AF",
                     versionEndExcluding: "1.0.1.98",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5828F04B-E373-4E4F-942D-08CCA038418C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3",
                     versionEndExcluding: "1.0.0.134",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A60E332-CA18-4617-B7C1-4BE82470DE34",
                     versionEndExcluding: "1.0.2.158",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1289BBB4-1955-46A4-B5FE-BF11153C24F5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "208CF907-B3ED-4A7D-BA5B-16A00F44683D",
                     versionEndExcluding: "1.0.0.134",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5882095F-B22A-4937-BA08-6640140F10AE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "74ED019D-C07A-44BE-BD3E-30885C748DDA",
                     versionEndExcluding: "1.0.0.134",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C63267D8-4632-4D14-B39C-BEEC62AD8F87",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34EB68F4-B710-47C9-A01B-A6361B185A19",
                     versionEndExcluding: "1.0.0.134",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B2C00E1-4A23-4304-B92F-B7D9F4818D90",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "374F6EAA-A607-4A8F-BA86-EA770BA99189",
                     versionEndExcluding: "1.0.2.158",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F285D60D-A5DA-4467-8F79-15EF8135D007",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E02DD6E2-3A3E-4857-9761-1B40FFA4E755",
                     versionEndExcluding: "1.0.0.134",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A88D2A3-3B22-4639-94E9-69CE80F37392",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E53DAB63-389B-4B73-8F75-231320DC71C8",
                     versionEndExcluding: "1.0.0.134",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8DC1B77-994C-473C-AC97-7CC06341C607",
                     versionEndExcluding: "1.0.0.216",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4F00B47-FFC8-4D45-B49E-8347504A9A4C",
                     versionEndExcluding: "1.0.1.232",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D9781C9-799A-4BDA-A027-987627A01633",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "37C80013-2E0F-459F-BE08-18D60B109AC0",
                     versionEndExcluding: "2.6.3.50",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A43D307-64B1-46BF-8237-75518D1703CC",
                     versionEndExcluding: "1.0.2.80",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2",
                     versionEndExcluding: "1.0.5.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F67B805-17B5-4053-8399-0AFB2EF6E1D4",
                     versionEndExcluding: "1.0.5.28",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2135FFEC-0437-43C6-B146-3EF43E1B007B",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5465A78-4826-4F72-9CBE-528CBF286A79",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5A413E57-A780-486E-AF85-EE460C99D696",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "783EEEE0-BB9A-4C54-82B2-046B1033091C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E19C965E-FA8D-4B42-BCB1-23788621DF45",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B801EC38-5B86-49F2-AB81-63F0F07A9BBE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAA4BD93-AE89-4506-936F-26C605685193",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D7D346-6F52-4473-A4EA-6059C177BF0F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "85AD5F45-F940-4FB5-B4D4-E44D816A3449",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "564B0FDF-7159-42EA-9CAA-BEF791274915",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2B9C48-9FE6-462B-88EE-046F15E66430",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "998C6A17-5ADC-47F1-AF63-9B425143C086",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5604E66-E9CC-4B78-AF6A-2341B30E3594",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "252643DB-46F7-41E9-96E0-0669DD486E5F",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1924FC8B-4031-4EA3-B214-AF6F77D94654",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FBFA62B-2EBC-426A-98DC-235879902E72",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "66034CFD-1303-4B90-AF70-18B7EDBEFE32",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CF03B2BB-34BB-4A0D-81CD-1841E524F885",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "237758B3-C096-465F-95C4-EB3F9835D91F",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "217B0E6E-BCC9-4D12-ADD4-E2C65323018B",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "82504AE8-4D6F-4A49-A611-FBFB303CD237",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "41B066B3-37CD-4839-909B-A8EC636E5F11",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32BAB5C0-F645-4A90-833F-6345335FA1AF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CED8944-D61A-4FDA-A9DB-76CBED16F338",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA",
                     versionEndExcluding: "2.7.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "56489CFF-D34F-4C66-B69B-FB2CE4333D75",
                     versionEndExcluding: "2.6.2.104",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "27F93A76-6EFF-4DA6-9129-4792E2C125D4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF01111F-8A37-4366-A63E-210E6CE0DB0E",
                     versionEndExcluding: "2.3.2.114",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4476F0C6-0A7D-4735-940C-F5C75316EEE9",
                     versionEndExcluding: "2.3.2.114",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD",
                     versionEndExcluding: "1.0.1.38",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E12892C8-5E01-49A6-BF47-09D630377093",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
      },
      {
         lang: "es",
         value: "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar código arbitrario en instalaciones afectadas de NETGEAR R7800 versión de firmware 1.0.2.76.&#xa0;Aunque es requerida una autenticación para explotar esta vulnerabilidad, el mecanismo de autentificación existente puede ser omitido.&#xa0;El fallo específico se presenta dentro del manejo del parámetro rc_service proporcionado para el archivo apply_save.cgi.&#xa0;El problema resulta de la falta de comprobación apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.&#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto de root.&#xa0;Era ZDI-CAN-12355",
      },
   ],
   id: "CVE-2021-27256",
   lastModified: "2024-11-21T05:57:42.160",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 8.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "zdi-disclosures@trendmicro.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-03-05T20:15:12.550",
   references: [
      {
         source: "zdi-disclosures@trendmicro.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
      },
      {
         source: "zdi-disclosures@trendmicro.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
      },
   ],
   sourceIdentifier: "zdi-disclosures@trendmicro.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "zdi-disclosures@trendmicro.com",
         type: "Primary",
      },
   ],
}

gsd-2021-27256

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-27256

Aliases

CVE-2021-27256

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2021-27256",
      description: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
      id: "GSD-2021-27256",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2021-27256",
         ],
         details: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
         id: "GSD-2021-27256",
         modified: "2023-12-13T01:23:35.432824Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "zdi-disclosures@trendmicro.com",
            ID: "CVE-2021-27256",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "R7800",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "firmware version 1.0.2.76",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "NETGEAR",
                  },
               ],
            },
         },
         credit: "takeshi",
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
               },
            ],
         },
         impact: {
            cvss: {
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
                  refsource: "MISC",
                  url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
               },
               {
                  name: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
                  refsource: "MISC",
                  url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "5.10.0.5",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "5.10.0.5",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.60",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.98",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.98",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.134",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.2.158",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.134",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.134",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.134",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.2.158",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.134",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.134",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.0.216",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.232",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.3.50",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.2.80",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.5.28",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.5.28",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.7.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.6.2.104",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.3.2.114",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "2.3.2.114",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndExcluding: "1.0.1.38",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "zdi-disclosures@trendmicro.com",
               ID: "CVE-2021-27256",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-78",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "N/A",
                     refsource: "N/A",
                     tags: [
                        "Third Party Advisory",
                        "VDB Entry",
                     ],
                     url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
                  },
                  {
                     name: "N/A",
                     refsource: "N/A",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               acInsufInfo: false,
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "ADJACENT_NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.3,
                  confidentialityImpact: "COMPLETE",
                  integrityImpact: "COMPLETE",
                  vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
               exploitabilityScore: 6.5,
               impactScore: 10,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "HIGH",
               userInteractionRequired: false,
            },
            baseMetricV3: {
               cvssV3: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               exploitabilityScore: 2.8,
               impactScore: 5.9,
            },
         },
         lastModifiedDate: "2021-03-16T19:35Z",
         publishedDate: "2021-03-05T20:15Z",
      },
   },
}

var-202103-0947

Vulnerability from variot

Show details on source website

JSON

To clipboard

{
   affected_products: {
      _id: null,
      data: [
         {
            _id: null,
            model: "rbk53",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "r9000",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.5.28",
         },
         {
            _id: null,
            model: "ex6250",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.134",
         },
         {
            _id: null,
            model: "r7800",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.2.80",
         },
         {
            _id: null,
            model: "rbr20",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "r8900",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.5.28",
         },
         {
            _id: null,
            model: "rbk20",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "rbk40",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "ex6400",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.2.158",
         },
         {
            _id: null,
            model: "rbs50",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "rbs10",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "rbk12",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "rbs40",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "d7800",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.60",
         },
         {
            _id: null,
            model: "ex6420",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.134",
         },
         {
            _id: null,
            model: "ex7300",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.2.158",
         },
         {
            _id: null,
            model: "ex6400v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.134",
         },
         {
            _id: null,
            model: "ex7320",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.134",
         },
         {
            _id: null,
            model: "rbr50",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "rbk13",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "rbk23",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "br200",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "5.10.0.5",
         },
         {
            _id: null,
            model: "rbk44",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "xr500",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.3.2.114",
         },
         {
            _id: null,
            model: "lbr20",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.3.50",
         },
         {
            _id: null,
            model: "ex6150v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.98",
         },
         {
            _id: null,
            model: "rbs20",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "ex6410",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.134",
         },
         {
            _id: null,
            model: "rbs50y",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "rbk50",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "xr450",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.3.2.114",
         },
         {
            _id: null,
            model: "br500",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "5.10.0.5",
         },
         {
            _id: null,
            model: "rbk14",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "ex7300v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.134",
         },
         {
            _id: null,
            model: "xr700",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.38",
         },
         {
            _id: null,
            model: "rbr40",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "ex6100v2",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.98",
         },
         {
            _id: null,
            model: "rbk43",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "ex7700",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.0.216",
         },
         {
            _id: null,
            model: "rbr10",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "rbk43s",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.6.2.104",
         },
         {
            _id: null,
            model: "ex8000",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "1.0.1.232",
         },
         {
            _id: null,
            model: "rbk15",
            scope: "lt",
            trust: 1,
            vendor: "netgear",
            version: "2.7.2.104",
         },
         {
            _id: null,
            model: "ex6150v2",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "ex6400v2",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "ex6100v2",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "d7800",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "br200",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "ex6250",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "ex6420",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "ex6410",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "ex6400",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "br500",
            scope: null,
            trust: 0.8,
            vendor: "ネットギア",
            version: null,
         },
         {
            _id: null,
            model: "r7800",
            scope: null,
            trust: 0.7,
            vendor: "netgear",
            version: null,
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
      ],
   },
   credits: {
      _id: null,
      data: "takeshi",
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
      ],
      trust: 0.7,
   },
   cve: "CVE-2021-27256",
   cvss: {
      _id: null,
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "LOW",
                  accessVector: "ADJACENT_NETWORK",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.3,
                  confidentialityImpact: "COMPLETE",
                  exploitabilityScore: 6.5,
                  id: "CVE-2021-27256",
                  impactScore: 10,
                  integrityImpact: "COMPLETE",
                  severity: "HIGH",
                  trust: 1.9,
                  vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  author: "zdi-disclosures@trendmicro.com",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2021-27256",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1.8,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2021-27256",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT",
                  author: "ZDI",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  exploitabilityScore: 2.8,
                  id: "CVE-2021-27256",
                  impactScore: 5.9,
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 0.7,
                  userInteraction: "NONE",
                  vectorString: "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2021-27256",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "zdi-disclosures@trendmicro.com",
                  id: "CVE-2021-27256",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "NVD",
                  id: "CVE-2021-27256",
                  trust: 0.8,
                  value: "High",
               },
               {
                  author: "ZDI",
                  id: "CVE-2021-27256",
                  trust: 0.7,
                  value: "HIGH",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-202102-1749",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "VULMON",
                  id: "CVE-2021-27256",
                  trust: 0.1,
                  value: "HIGH",
               },
            ],
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
         {
            db: "VULMON",
            id: "CVE-2021-27256",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
      ],
   },
   description: {
      _id: null,
      data: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12355 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
      sources: [
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
         {
            db: "VULMON",
            id: "CVE-2021-27256",
         },
      ],
      trust: 2.34,
   },
   external_ids: {
      _id: null,
      data: [
         {
            db: "NVD",
            id: "CVE-2021-27256",
            trust: 3.2,
         },
         {
            db: "ZDI",
            id: "ZDI-21-262",
            trust: 3.2,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
            trust: 0.8,
         },
         {
            db: "ZDI_CAN",
            id: "ZDI-CAN-12355",
            trust: 0.7,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
            trust: 0.6,
         },
         {
            db: "VULMON",
            id: "CVE-2021-27256",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
         {
            db: "VULMON",
            id: "CVE-2021-27256",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
      ],
   },
   id: "VAR-202103-0947",
   iot: {
      _id: null,
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.26161140789473686,
   },
   last_update_date: "2024-11-23T22:57:58.511000Z",
   patch: {
      _id: null,
      data: [
         {
            title: "Security Advisory for Multiple Vulnerabilities on Some Routers, Satellites, and Extenders",
            trust: 1.5,
            url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
         },
         {
            title: "NETGEAR Security vulnerabilities",
            trust: 0.6,
            url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142980",
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
         },
      ],
   },
   problemtype_data: {
      _id: null,
      data: [
         {
            problemtype: "CWE-78",
            trust: 1,
         },
         {
            problemtype: "OS Command injection (CWE-78) [ Other ]",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
      ],
   },
   references: {
      _id: null,
      data: [
         {
            trust: 3.2,
            url: "https://www.zerodayinitiative.com/advisories/zdi-21-262/",
         },
         {
            trust: 2.4,
            url: "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders",
         },
         {
            trust: 1.4,
            url: "https://nvd.nist.gov/vuln/detail/cve-2021-27256",
         },
         {
            trust: 0.1,
            url: "https://cwe.mitre.org/data/definitions/78.html",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
      ],
      sources: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
         },
         {
            db: "VULMON",
            id: "CVE-2021-27256",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
         },
      ],
   },
   sources: {
      _id: null,
      data: [
         {
            db: "ZDI",
            id: "ZDI-21-262",
            ident: null,
         },
         {
            db: "VULMON",
            id: "CVE-2021-27256",
            ident: null,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
            ident: null,
         },
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
            ident: null,
         },
         {
            db: "NVD",
            id: "CVE-2021-27256",
            ident: null,
         },
      ],
   },
   sources_release_date: {
      _id: null,
      data: [
         {
            date: "2021-02-26T00:00:00",
            db: "ZDI",
            id: "ZDI-21-262",
            ident: null,
         },
         {
            date: "2021-03-05T00:00:00",
            db: "VULMON",
            id: "CVE-2021-27256",
            ident: null,
         },
         {
            date: "2021-11-22T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2021-004431",
            ident: null,
         },
         {
            date: "2021-02-26T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202102-1749",
            ident: null,
         },
         {
            date: "2021-03-05T20:15:12.550000",
            db: "NVD",
            id: "CVE-2021-27256",
            ident: null,
         },
      ],
   },
   sources_update_date: {
      _id: null,
      data: [
         {
            date: "2021-02-26T00:00:00",
            db: "ZDI",
            id: "ZDI-21-262",
            ident: null,
         },
         {
            date: "2021-03-16T00:00:00",
            db: "VULMON",
            id: "CVE-2021-27256",
            ident: null,
         },
         {
            date: "2021-11-22T05:39:00",
            db: "JVNDB",
            id: "JVNDB-2021-004431",
            ident: null,
         },
         {
            date: "2021-03-19T00:00:00",
            db: "CNNVD",
            id: "CNNVD-202102-1749",
            ident: null,
         },
         {
            date: "2024-11-21T05:57:42.160000",
            db: "NVD",
            id: "CVE-2021-27256",
            ident: null,
         },
      ],
   },
   threat_type: {
      _id: null,
      data: "remote or local",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
         },
      ],
      trust: 0.6,
   },
   title: {
      _id: null,
      data: "NETGEAR R7800  In firmware  OS  Command injection vulnerability",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2021-004431",
         },
      ],
      trust: 0.8,
   },
   type: {
      _id: null,
      data: "operating system commend injection",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-202102-1749",
         },
      ],
      trust: 0.6,
   },
}

ghsa-7j9h-j7vq-452x

Vulnerability from github

Published

2022-05-24 17:43

Modified

2022-05-24 17:43

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2021-27256",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-78",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2021-03-05T20:15:00Z",
      severity: "HIGH",
   },
   details: "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.",
   id: "GHSA-7j9h-j7vq-452x",
   modified: "2022-05-24T17:43:47Z",
   published: "2022-05-24T17:43:47Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2021-27256",
      },
      {
         type: "WEB",
         url: "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
      },
      {
         type: "WEB",
         url: "https://www.zerodayinitiative.com/advisories/ZDI-21-262",
      },
   ],
   schema_version: "1.4.0",
   severity: [],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-27256

Vulnerability from cvelistv5

fkie_cve-2021-27256

Vulnerability from fkie_nvd

gsd-2021-27256

Vulnerability from gsd

var-202103-0947

Vulnerability from variot

ghsa-7j9h-j7vq-452x

Vulnerability from github

Tags

Sightings

Nomenclature