CRITICAL✓ PATCH🇬🇧 English

CVE-2021-45624

CVSS 9.6v3.1pub. 2021-12-26upd. 2024-11-21

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R8000 before 1.0.4.62, XR300 before 1.0.3.56, R7000P before 1.3.2.132, R8500 before 1.0.2.144, R6900P before 1.3.2.132, and R8300 before 1.0.2.144.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Netgear D7000v2

    HW
    Netgear
    wszystkie wersje
  • Netgear D7000v2 Firmware

    OS
    Netgear
    < 1.0.0.66
  • Netgear D8500

    HW
    Netgear
    wszystkie wersje
  • Netgear D8500 Firmware

    OS
    Netgear
    < 1.0.3.58
  • Netgear R6900p

    HW
    Netgear
    wszystkie wersje
  • Netgear R6900p Firmware

    OS
    Netgear
    < 1.3.2.132
  • Netgear R7000

    HW
    Netgear
    wszystkie wersje
  • Netgear R7000 Firmware

    OS
    Netgear
    < 1.0.11.110
  • Netgear R7000p

    HW
    Netgear
    wszystkie wersje
  • Netgear R7000p Firmware

    OS
    Netgear
    < 1.3.2.132
  • Netgear R7100lg

    HW
    Netgear
    wszystkie wersje
  • Netgear R7100lg Firmware

    OS
    Netgear
    < 1.0.0.72
  • Netgear R7900

    HW
    Netgear
    wszystkie wersje
  • Netgear R7900 Firmware

    OS
    Netgear
    < 1.0.4.30
  • Netgear R8000

    HW
    Netgear
    wszystkie wersje
  • Netgear R8000 Firmware

    OS
    Netgear
    < 1.0.4.62
  • Netgear R8300

    HW
    Netgear
    wszystkie wersje
  • Netgear R8300 Firmware

    OS
    Netgear
    < 1.0.2.144
  • Netgear R8500

    HW
    Netgear
    wszystkie wersje
  • Netgear R8500 Firmware

    OS
    Netgear
    < 1.0.2.144
  • Netgear Xr300

    HW
    Netgear
    wszystkie wersje
  • Netgear Xr300 Firmware

    OS
    Netgear
    < 1.0.3.56
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2023-36187CRITICAL9.8ten sam produkt

Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attac...

CVE-2023-38928CRITICAL9.8ten sam produkt

Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password paramete...

CVE-2022-48322CRITICAL9.8ten sam produkt

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. T...

CVE-2022-44186CRITICAL9.8ten sam produkt

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.

CVE-2022-44184CRITICAL9.8ten sam produkt

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.