Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-38528
HistoryAug 11, 2021 - 12:16 a.m.

CVE-2021-38528

2021-08-1100:16:23
CWE-77
[email protected]
web.nvd.nist.gov
45
4
netgear
command injection
cve-2021-38528
vulnerability
unauthenticated access
nvd
xr300
r7100lg
r7000p
r6900p
d8500
wndr3400v3

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6900P before 1.3.2.132, R7000P before 1.3.2.132, R7100LG before 1.0.0.64, WNDR3400v3 before 1.0.1.38, and XR300 before 1.0.3.56.

Affected configurations

NVD
Node
netgeard8500_firmwareRange<1.0.3.58
AND
netgeard8500Match-
Node
netgearr6900p_firmwareRange<1.3.2.132
AND
netgearr6900pMatch-
Node
netgearr7000p_firmwareRange<1.3.2.132
AND
netgearr7000pMatch-
Node
netgearr7100lg_firmwareRange<1.0.0.64
AND
netgearr7100lgMatch-
Node
netgearwndr3400_firmwareRange<1.0.1.38
AND
netgearwndr3400Matchv3
Node
netgearxr300_firmwareRange<1.0.3.56
AND
netgearxr300Match-

Social References

More

Related

prion 1
cvelist 1
nvd 1
prion
prion
Command injection
2021-08-11 00:16:00
cvelist
cvelist
CVE-2021-38528
2021-08-11 00:00:51
nvd
nvd
CVE-2021-38528
2021-08-11 00:16:23

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.2%

JSON
Related for CVE-2021-38528
prion1cvelist1nvd1