Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-27255

šŸ—“ļøĀ 05 Mar 2021Ā 20:00:24Reported byĀ zdiTypeĀ 
cve
Ā cvešŸ”—Ā web.nvd.nist.govšŸ“°ļøĀ 4Ā Media mentionsšŸ‘Ā 74Ā Views

CVE-2021-27255 allows remote code execution on NETGEAR R7800 firmware v1.0.2.76. No authentication needed. Vulnerability in refresh_status.aspx allows starting a service without authentication. Exploitation leads to code execution as root.

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
Circl		CVE-2021-27255
5 Mar 202122:47
ā€“circl
CNNVD		Netgear NETGEAR R7800 Access Control Error Vulnerability
26 Feb 202100:00
ā€“cnnvd
Cvelist		CVE-2021-27255
5 Mar 202120:00
ā€“cvelist
EUVD		EUVD-2021-14020
7 Oct 202500:30
ā€“euvd
NVD		CVE-2021-27255
5 Mar 202120:15
ā€“nvd
OSV		CVE-2021-27255
5 Mar 202120:15
ā€“osv
Prion		Design/Logic Flaw
5 Mar 202120:15
ā€“prion
RedhatCVE		CVE-2021-27255
9 Jan 202609:20
ā€“redhatcve
Zero Day Initiative		(Pwn2Own) NETGEAR R7800 funjsq_httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability
26 Feb 202100:00
ā€“zdi
NVD
Vulners
Node
netgearbr200_firmwareRange<5.10.0.5
AND
netgearbr200Match-
Node
netgearbr500_firmwareRange<5.10.0.5
AND
netgearbr500Match-
Node
netgeard7800_firmwareRange<1.0.1.60
AND
netgeard7800Match-
Node
netgearex6100v2_firmwareRange<1.0.1.98
AND
netgearex6100v2Match-
Node
netgearex6150v2_firmwareRange<1.0.1.98
AND
netgearex6150v2Match-
Node
netgearex6250_firmwareRange<1.0.0.134
AND
netgearex6250Match-
Node
netgearex6400_firmwareRange<1.0.2.158
AND
netgearex6400Match-
Node
netgearex6400v2_firmwareRange<1.0.0.134
AND
netgearex6400v2Match-
Node
netgearex6410_firmwareRange<1.0.0.134
AND
netgearex6410Match-
Node
netgearex6420_firmwareRange<1.0.0.134
AND
netgearex6420Match-
Node
netgearex7300_firmwareRange<1.0.2.158
AND
netgearex7300Match-
Node
netgearex7300v2_firmwareRange<1.0.0.134
AND
netgearex7300v2Match-
Node
netgearex7320_firmwareRange<1.0.0.134
AND
netgearex7320Match-
Node
netgearex7700_firmwareRange<1.0.0.216
AND
netgearex7700Match-
Node
netgearex8000_firmwareRange<1.0.1.232
AND
netgearex8000Match-
Node
netgearlbr20_firmwareRange<2.6.3.50
AND
netgearlbr20Match-
Node
netgearr7800_firmwareRange<1.0.2.80
AND
netgearr7800Match-
Node
netgearr8900_firmwareRange<1.0.5.28
AND
netgearr8900Match-
Node
netgearr9000_firmwareRange<1.0.5.28
AND
netgearr9000Match-
Node
netgearrbk12_firmwareRange<2.7.2.104
AND
netgearrbk12Match-
Node
netgearrbk13_firmwareRange<2.7.2.104
AND
netgearrbk13Match-
Node
netgearrbk14_firmwareRange<2.7.2.104
AND
netgearrbk14Match-
Node
netgearrbk15_firmwareRange<2.7.2.104
AND
netgearrbk15Match-
Node
netgearrbk20_firmwareRange<2.6.2.104
AND
netgearrbk20Match-
Node
netgearrbk23_firmwareRange<2.7.2.104
AND
netgearrbk23Match-
Node
netgearrbk40_firmwareRange<2.6.2.104
AND
netgearrbk40Match-
Node
netgearrbk43_firmwareRange<2.6.2.104
AND
netgearrbk43Match-
Node
netgearrbk43s_firmwareRange<2.6.2.104
AND
netgearrbk43sMatch-
Node
netgearrbk44_firmwareRange<2.6.2.104
AND
netgearrbk44Match-
Node
netgearrbk50_firmwareRange<2.7.2.104
AND
netgearrbk50Match-
Node
netgearrbk53_firmwareRange<2.7.2.104
AND
netgearrbk53Match-
Node
netgearrbr10_firmwareRange<2.6.2.104
AND
netgearrbr10Match-
Node
netgearrbr20_firmwareRange<2.6.2.104
AND
netgearrbr20Match-
Node
netgearrbr40_firmwareRange<2.6.2.104
AND
netgearrbr40Match-
Node
netgearrbr50_firmwareRange<2.7.2.104
AND
netgearrbr50Match-
Node
netgearrbs10_firmwareRange<2.6.2.104
AND
netgearrbs10Match-
Node
netgearrbs20_firmwareRange<2.6.2.104
AND
netgearrbs20Match-
Node
netgearrbs40_firmwareRange<2.6.2.104
AND
netgearrbs40Match-
Node
netgearrbs50_firmwareRange<2.7.2.104
AND
netgearrbs50Match-
Node
netgearrbs50y_firmwareRange<2.6.2.104
AND
netgearrbs50yMatch-
Node
netgearxr450_firmwareRange<2.3.2.114
AND
netgearxr450Match-
Node
netgearxr500_firmwareRange<2.3.2.114
AND
netgearxr500Match-
Node
netgearxr700_firmwareRange<1.0.1.38
AND
netgearxr700Match-
[
  {
    "product": "R7800",
    "vendor": "NETGEAR",
    "versions": [
      {
        "status": "affected",
        "version": "firmware version 1.0.2.76"
      }
    ]
  }
]

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 05:57Current
9High risk
Vulners AI Score9
CVSS 28.3
CVSS 3.18.8
CVSS 36.3
EPSS0.01665
CWE-306
cve202127255netgearr7800firmwarevulnerabilityremote code executionauthentication bypassrefresh_status.aspxroot accesszdi-can-12360
74