Lucene search

MitreCVELIST:CVE-2021-45556

HistoryDec 26, 2021 - 12:50 a.m.

CVE-2021-45556

2021-12-2600:50:54

mitre

www.cve.org

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.0%

JSON

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.

References

kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175

7.5 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.0%

JSON

Related for CVELIST:CVE-2021-45556