Lucene search

ZdiCVELIST:CVE-2021-34977

HistoryJan 13, 2022 - 9:44 p.m.

CVE-2021-34977

2022-01-1321:44:31

CWE-288

zdi

www.cve.org

vulnerability

authentication bypass

netgear r7000

routers

soap requests

password reset

admin password

zdi-can-13483

cve-2021-34977

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

33.4%

JSON

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483.

CNA Affected

[
  {
    "product": "R7000",
    "vendor": "NETGEAR",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.11.116_10.2.100"
      }
    ]
  }
]

References

kb.netgear.com/000064046/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-DSL-Modem-Routers-PSV-2021-0134

www.zerodayinitiative.com/advisories/ZDI-21-1239/

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.1

Confidence

High

EPSS

0.001

Percentile

33.4%

JSON

Related for CVELIST:CVE-2021-34977