Lucene search

[email protected]NVD:CVE-2021-45648

HistoryDec 26, 2021 - 1:15 a.m.

CVE-2021-45648

2021-12-2601:15:20

CWE-200

[email protected]

web.nvd.nist.gov

netgear

disclosure

sensitive information

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

54.4%

JSON

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 before 1.0.1.106, EX6150v2 before 1.0.1.106, EX6250 before 1.0.0.146, EX6400 before 1.0.2.164, EX6400v2 before 1.0.0.146, EX6410 before 1.0.0.146, EX6420 before 1.0.0.146, EX7300 before 1.0.2.164, EX7300v2 before 1.0.0.146, EX7320 before 1.0.0.146, EX7700 before 1.0.0.222, LBR1020 before 2.6.5.16, LBR20 before 2.6.5.2, RBK352 before 4.3.4.7, RBK50 before 2.7.3.22, RBR350 before 4.3.4.7, RBR50 before 2.7.3.22, and RBS350 before 4.3.4.7.

Affected configurations

Nvd

Node

netgearex6100v2_firmwareRange<1.0.1.106

AND

netgearex6100v2Match-

Node

netgearex6150v2_firmwareRange<1.0.1.106

AND

netgearex6150v2Match-

Node

netgearex6250_firmwareRange<1.0.0.146

AND

netgearex6250Match-

Node

netgearex6400_firmwareRange<1.0.2.164

AND

netgearex6400Match-

Node

netgearex6400v2_firmwareRange<1.0.0.146

AND

netgearex6400v2Match-

Node

netgearex6410_firmwareRange<1.0.0.146

AND

netgearex6410Match-

Node

netgearex6420_firmwareRange<1.0.0.146

AND

netgearex6420Match-

Node

netgearex7300_firmwareRange<1.0.2.164

AND

netgearex7300Match-

Node

netgearex7300v2_firmwareRange<1.0.0.146

AND

netgearex7300v2Match-

Node

netgearex7320_firmwareRange<1.0.0.146

AND

netgearex7320Match-

Node

netgearex7700_firmwareRange<1.0.0.222

AND

netgearex7700Match-

Node

netgearlbr1020_firmwareRange<2.6.5.16

AND

netgearlbr1020Match-

Node

netgearlbr20_firmwareRange<2.6.5.2

AND

netgearlbr20Match-

Node

netgearrbk352_firmwareRange<4.3.4.7

AND

netgearrbk352Match-

Node

netgearrbk50_firmwareRange<2.7.3.22

AND

netgearrbk50Match-

Node

netgearrbr350_firmwareRange<4.3.4.7

AND

netgearrbr350Match-

Node

netgearrbr50_firmwareRange<2.7.3.22

AND

netgearrbr50Match-

Node

netgearrbs350_firmwareRange<4.3.4.7

AND

netgearrbs350Match-

VendorProductVersionCPE
netgearex6100v2_firmware*cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*
netgearex6100v2-cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*
netgearex6150v2_firmware*cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*
netgearex6150v2-cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*
netgearex6250_firmware*cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*
netgearex6250-cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*
netgearex6400_firmware*cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*
netgearex6400-cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*
netgearex6400v2_firmware*cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*
netgearex6400v2-cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	ex6100v2_firmware	*	cpe:2.3:o:netgear:ex6100v2_firmware::::::::
netgear	ex6100v2	-	cpe:2.3:h:netgear:ex6100v2:-:::::::*
netgear	ex6150v2_firmware	*	cpe:2.3:o:netgear:ex6150v2_firmware::::::::
netgear	ex6150v2	-	cpe:2.3:h:netgear:ex6150v2:-:::::::*
netgear	ex6250_firmware	*	cpe:2.3:o:netgear:ex6250_firmware::::::::
netgear	ex6250	-	cpe:2.3:h:netgear:ex6250:-:::::::*
netgear	ex6400_firmware	*	cpe:2.3:o:netgear:ex6400_firmware::::::::
netgear	ex6400	-	cpe:2.3:h:netgear:ex6400:-:::::::*
netgear	ex6400v2_firmware	*	cpe:2.3:o:netgear:ex6400v2_firmware::::::::
netgear	ex6400v2	-	cpe:2.3:h:netgear:ex6400v2:-:::::::*

Rows per page:

1-10 of 361

References

kb.netgear.com/000064494/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0453

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

54.4%

JSON

Related for NVD:CVE-2021-45648

cvelist1 cve1 prion1