Multiple NETGEAR Product Command Injection Vulnerabilities (CNVD-2021-63379)

2020-04-1700:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.0004 Low

EPSS

Percentile

12.8%

JSON

NETGEAR EX7000 is a wireless network signal extender, NETGEAR DGN2200 is a wireless router, and NETGEAR R6400 is a wireless router. A command injection vulnerability exists in multiple NETGEAR products. The vulnerability stems from a network system or product that does not properly filter special elements of external input data during the construction of executable commands. An attacker could use this vulnerability to execute illegal commands.

CPENameOperatorVersion
netgear r6400v2 <1.eq0.2.44
netgear r8500 <1.eq0.2.106
netgear r8300 <1.eq0.2.106
netgear ex3700 <1.eq0.0.70
netgear ex3800 <1.eq0.0.70
netgear ex6000 <1.eq0.0.30
netgear ex6120 <1.eq0.0.40
netgear ex6130 <1.eq0.0.22
netgear ex6200 <1.eq0.3.88
netgear ex7000 <1.eq0.0.66

Name	Operator	Version
netgear r6400v2 <1.	eq	0.2.44
netgear r8500 <1.	eq	0.2.106
netgear r8300 <1.	eq	0.2.106
netgear ex3700 <1.	eq	0.0.70
netgear ex3800 <1.	eq	0.0.70
netgear ex6000 <1.	eq	0.0.30
netgear ex6120 <1.	eq	0.0.40
netgear ex6130 <1.	eq	0.0.22
netgear ex6200 <1.	eq	0.3.88
netgear ex7000 <1.	eq	0.0.66

Rows per page:

1-10 of 341

0.0004 Low

EPSS

Percentile

12.8%

JSON

Related for CNVD-2021-63379