Lucene search

K
nvd[email protected]NVD:CVE-2021-45616
HistoryDec 26, 2021 - 1:15 a.m.

CVE-2021-45616

2021-12-2601:15:18
CWE-77
web.nvd.nist.gov
11
netgear
command injection
vulnerability

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.005

Percentile

77.4%

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, and XR1000 before 1.0.0.58.

Affected configurations

Nvd
Node
netgearcbr750_firmwareRange<3.2.18.2
AND
netgearcbr750Match-
Node
netgearlax20_firmwareRange<1.1.6.28
AND
netgearlax20Match-
Node
netgearmk62_firmwareRange<1.0.6.116
AND
netgearmk62Match-
Node
netgearmr60_firmwareRange<1.0.6.116
AND
netgearmr60Match-
Node
netgearms60_firmwareRange<1.0.6.116
AND
netgearms60Match-
Node
netgearr6900p_firmwareRange<1.3.3.140
AND
netgearr6900pMatch-
Node
netgearr7000_firmwareRange<1.0.11.126
AND
netgearr7000Match-
Node
netgearr7000p_firmwareRange<1.3.3.140
AND
netgearr7000pMatch-
Node
netgearr7850_firmwareRange<1.0.5.68
AND
netgearr7850Match-
Node
netgearr7900_firmwareRange<1.0.4.46
AND
netgearr7900Match-
Node
netgearr7900p_firmwareRange<1.4.2.84
AND
netgearr7900pMatch-
Node
netgearr7960p_firmwareRange<1.4.2.84
AND
netgearr7960pMatch-
Node
netgearr8000_firmwareRange<1.0.4.68
AND
netgearr8000Match-
Node
netgearr8000p_firmwareRange<1.4.2.84
AND
netgearr8000pMatch-
Node
netgearrax15_firmwareRange<1.0.3.96
AND
netgearrax15Match-
Node
netgearrax20_firmwareRange<1.0.3.96
AND
netgearrax20Match-
Node
netgearrax200_firmwareRange<1.0.4.120
AND
netgearrax200Match-
Node
netgearrax35v2_firmwareRange<1.0.3.96
AND
netgearrax35v2Match-
Node
netgearrax40v2_firmwareRange<1.0.3.96
AND
netgearrax40v2Match-
Node
netgearrax43_firmwareRange<1.0.3.96
AND
netgearrax43Match-
Node
netgearrax45_firmwareRange<1.0.3.96
AND
netgearrax45Match-
Node
netgearrax50_firmwareRange<1.0.3.96
AND
netgearrax50Match-
Node
netgearrax75_firmwareRange<1.0.4.120
AND
netgearrax75Match-
Node
netgearrax80_firmwareRange<1.0.4.120
AND
netgearrax80Match-
Node
netgearrbk752_firmwareRange<3.2.17.12
AND
netgearrbk752Match-
Node
netgearrbk852_firmwareRange<3.2.17.12
AND
netgearrbk852Match-
Node
netgearrbr750_firmwareRange<3.2.17.12
AND
netgearrbr750Match-
Node
netgearrbr850_firmwareRange<3.2.17.12
AND
netgearrbr850Match-
Node
netgearrbs750_firmwareRange<3.2.17.12
AND
netgearrbs750Match-
Node
netgearrbs850_firmwareRange<3.2.17.12
AND
netgearrbs850Match-
Node
netgearrs400_firmwareRange<1.5.1.80
AND
netgearrs400Match-
Node
netgearxr1000_firmwareRange<1.0.0.58
AND
netgearxr1000Match-
VendorProductVersionCPE
netgearcbr750_firmware*cpe:2.3:o:netgear:cbr750_firmware:*:*:*:*:*:*:*:*
netgearcbr750-cpe:2.3:h:netgear:cbr750:-:*:*:*:*:*:*:*
netgearlax20_firmware*cpe:2.3:o:netgear:lax20_firmware:*:*:*:*:*:*:*:*
netgearlax20-cpe:2.3:h:netgear:lax20:-:*:*:*:*:*:*:*
netgearmk62_firmware*cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*
netgearmk62-cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*
netgearmr60_firmware*cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*
netgearmr60-cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*
netgearms60_firmware*cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*
netgearms60-cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 641

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.005

Percentile

77.4%

Related for NVD:CVE-2021-45616