Lucene search

MitreCVE-2021-41788

HistoryDec 26, 2021 - 12:15 a.m.

CVE-2021-41788

2021-12-2600:15:10

CWE-20

mitre

web.nvd.nist.gov

mediatek

wi-fi

authentication

vulnerability

netgear

mt7603e

mt7612

mt7613

mt7615

mt7622

mt7628

mt7629

mt7915

7.4.0.0

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

54.0%

JSON

MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. (Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0).

Affected configurations

Nvd

Node

mediatekmt7603eMatch-

AND

mediatekmt7603e_firmwareMatch7.4.0.0

Node

mediatekmt7612Match-

AND

mediatekmt7612_firmwareMatch7.4.0.0

Node

mediatekmt7613Match-

AND

mediatekmt7613_firmwareMatch7.4.0.0

Node

mediatekmt7615Match-

AND

mediatekmt7615_firmwareMatch7.4.0.0

Node

mediatekmt7622Match-

AND

mediatekmt7622_firmwareMatch7.4.0.0

Node

mediatekmt7628Match-

AND

mediatekmt7628_firmwareMatch7.4.0.0

Node

mediatekmt7629Match-

AND

mediatekmt7629_firmwareMatch7.4.0.0

Node

mediatekmt7915Match-

AND

mediatekmt7915_firmwareMatch7.4.0.0

VendorProductVersionCPE
mediatekmt7603e-cpe:2.3:h:mediatek:mt7603e:-:*:*:*:*:*:*:*
mediatekmt7603e_firmware7.4.0.0cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:*:*:*:*:*:*:*
mediatekmt7612-cpe:2.3:h:mediatek:mt7612:-:*:*:*:*:*:*:*
mediatekmt7612_firmware7.4.0.0cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:*:*:*:*:*:*:*
mediatekmt7613-cpe:2.3:h:mediatek:mt7613:-:*:*:*:*:*:*:*
mediatekmt7613_firmware7.4.0.0cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:*:*:*:*:*:*:*
mediatekmt7615-cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*
mediatekmt7615_firmware7.4.0.0cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:*:*:*:*:*:*:*
mediatekmt7622-cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*
mediatekmt7622_firmware7.4.0.0cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mediatek	mt7603e	-	cpe:2.3:h:mediatek:mt7603e:-:::::::*
mediatek	mt7603e_firmware	7.4.0.0	cpe:2.3:o:mediatek:mt7603e_firmware:7.4.0.0:::::::*
mediatek	mt7612	-	cpe:2.3:h:mediatek:mt7612:-:::::::*
mediatek	mt7612_firmware	7.4.0.0	cpe:2.3:o:mediatek:mt7612_firmware:7.4.0.0:::::::*
mediatek	mt7613	-	cpe:2.3:h:mediatek:mt7613:-:::::::*
mediatek	mt7613_firmware	7.4.0.0	cpe:2.3:o:mediatek:mt7613_firmware:7.4.0.0:::::::*
mediatek	mt7615	-	cpe:2.3:h:mediatek:mt7615:-:::::::*
mediatek	mt7615_firmware	7.4.0.0	cpe:2.3:o:mediatek:mt7615_firmware:7.4.0.0:::::::*
mediatek	mt7622	-	cpe:2.3:h:mediatek:mt7622:-:::::::*
mediatek	mt7622_firmware	7.4.0.0	cpe:2.3:o:mediatek:mt7622_firmware:7.4.0.0:::::::*

Rows per page:

1-10 of 161

References

corp.mediatek.com/product-security-bulletin/January-2022

kb.netgear.com/000064369/Security-Advisory-for-WiFi-Authentication-Flooding-Vulnerabilities-on-Multiple-Products-PSV-2021-0299-PSV-2021-0301

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

54.0%

JSON

Related for CVE-2021-41788