Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2021-40866

🗓️ 13 Sep 2021 07:16:58Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 48 Views🌐 WEB

NETGEAR smart switches affected by unauthenticated remote admin password chang

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
CNNVD		NETGEAR 安全漏洞
13 Sep 202100:00
cnnvd
CNVD		Multiple NETGEAR Smart Switches Vulnerable to Input Validation Errors
14 Sep 202100:00
cnvd
Cvelist		CVE-2021-40866
13 Sep 202107:16
cvelist
EUVD		EUVD-2021-28021
3 Oct 202520:07
euvd
NCSC		Vulnerabilities fixed in Netgear SmartSwitches
17 Sep 202100:00
ncsc
NVD		CVE-2021-40866
13 Sep 202108:15
nvd
OSV		CVE-2021-40866
13 Sep 202108:15
osv
Prion		Authentication flaw
13 Sep 202108:15
prion
Positive Technologies		PT-2021-22993 · NetGear · Netgear Gc108P +15
13 Sep 202100:00
ptsecurity
RedhatCVE		CVE-2021-40866
6 Feb 202504:09
redhatcve
Rows per page
NVD
Node
netgeargc108p_firmwareRange<1.0.8.2
AND
netgeargc108pMatch-
Node
netgeargc108pp_firmwareRange<1.0.8.2
AND
netgeargc108ppMatch-
Node
netgeargs108t_firmwareRange<7.0.7.2
AND
netgeargs108tv3Match-
Node
netgeargs110tpp_firmwareRange<7.0.7.2
AND
netgeargs110tppMatch-
Node
netgeargs110tp_firmwareRange<7.0.7.2
AND
netgeargs110tpMatchv3
Node
netgeargs110tup_firmwareRange<1.0.5.3
AND
netgeargs110tupMatch-
Node
netgeargs308t_firmwareRange<1.0.3.2
AND
netgeargs308tMatch-
Node
netgeargs310tp_firmwareRange<1.0.3.2
AND
netgeargs310tpMatch-
Node
netgeargs710tup_firmwareRange<1.0.5.3
AND
netgeargs710tupMatch-
Node
netgeargs716tp_firmwareRange<1.0.4.2
AND
netgeargs716tpMatch-
Node
netgeargs716tpp_firmwareRange<1.0.4.2
AND
netgeargs716tppMatch-
Node
netgeargs724tpp_firmwareRange<2.0.6.3
AND
netgeargs724tppMatch-
Node
netgeargs724tp_firmwareRange<2.0.6.3
AND
netgeargs724tpMatchv2
Node
netgeargs728tpp_firmwareRange<6.0.8.2
AND
netgeargs728tppMatchv2
Node
netgeargs728tp_firmwareRange<6.0.8.2
AND
netgeargs728tpMatchv2
Node
netgeargs750e_firmwareRange<1.0.1.10
AND
netgeargs750eMatch-
Node
netgeargs752tpp_firmwareRange<6.0.8.2
AND
netgeargs752tppMatch-
Node
netgeargs752tp_firmwareRange<6.0.8.2
AND
netgeargs752tpMatchv2
Node
netgearms510txm_firmwareRange<1.0.4.2
AND
netgearms510txmMatch-
Node
netgearms510txup_firmwareRange<1.0.4.2
AND
netgearms510txupMatch-
ParameterPositionPathDescriptionCWE
authentication TLV missing from NSDP packetpathsqfs/bin/sccdUnauthenticated attacker can leverage NSDP packets lacking authentication to trigger remote admin password change via the sccd daemon.CWE-287
NSDP packet without authentication TLVpathsqfs/bin/sccdUnauthenticated attacker can leverage NSDP packets lacking authentication to trigger remote admin password change via the sccd daemon.CWE-287

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 06:24Current
8.9High risk
Vulners AI Score8.9
CVSS 25.4
CVSS 3.18.8 - 9.8
EPSS0.01428
cve-2021-40866netgearsmart switchesremote adminpassword changeunauthenticated attacker
48