Lucene search

ZdiCVELIST:CVE-2021-34865

HistoryJan 25, 2022 - 3:30 p.m.

CVE-2021-34865

2022-01-2515:30:34

CWE-287

zdi

www.cve.org

vulnerability

authentication bypass

netgear routers

privilege escalation

arbitrary code execution

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.7%

JSON

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13313.

CNA Affected

[
  {
    "product": "Multiple Routers",
    "vendor": "NETGEAR",
    "versions": [
      {
        "status": "affected",
        "version": "1.2.0.76_1.0.1"
      }
    ]
  }
]

References

kb.netgear.com/000063955/Security-Advisory-for-Authentication-Bypass-Vulnerability-on-Some-Routers-PSV-2021-0083?article=000063955

www.zerodayinitiative.com/advisories/ZDI-21-1051/

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.7%

JSON

Related for CVELIST:CVE-2021-34865