CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2021-38528

CVSS 9.6v3.1pub. 2021-08-11upd. 2024-11-21

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6900P before 1.3.2.132, R7000P before 1.3.2.132, R7100LG before 1.0.0.64, WNDR3400v3 before 1.0.1.38, and XR300 before 1.0.3.56.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Netgear D8500

    HW
    Netgear
    wszystkie wersje
  • Netgear D8500 Firmware

    OS
    Netgear
    < 1.0.3.58
  • Netgear R6900p

    HW
    Netgear
    wszystkie wersje
  • Netgear R6900p Firmware

    OS
    Netgear
    < 1.3.2.132
  • Netgear R7000p

    HW
    Netgear
    wszystkie wersje
  • Netgear R7000p Firmware

    OS
    Netgear
    < 1.3.2.132
  • Netgear R7100lg

    HW
    Netgear
    wszystkie wersje
  • Netgear R7100lg Firmware

    OS
    Netgear
    < 1.0.0.64
  • Netgear Wndr3400

    HW
    Netgear
    v3
  • Netgear Wndr3400 Firmware

    OS
    Netgear
    < 1.0.1.38
  • Netgear Xr300

    HW
    Netgear
    wszystkie wersje
  • Netgear Xr300 Firmware

    OS
    Netgear
    < 1.0.3.56
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2023-36187CRITICAL9.8ten sam produkt

Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attac...

CVE-2023-38928CRITICAL9.8ten sam produkt

Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password paramete...

CVE-2022-48322CRITICAL9.8ten sam produkt

NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. T...

CVE-2022-44188CRITICAL9.8ten sam produkt

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering...

CVE-2022-44186CRITICAL9.8ten sam produkt

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.