Lucene search

MitreCVE-2021-45642

HistoryDec 26, 2021 - 1:15 a.m.

CVE-2021-45642

2021-12-2601:15:19

mitre

web.nvd.nist.gov

netgear

devices

security

settings

configuration

vulnerability

cve-2021-45642

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

AI Score

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.64, EX6250 before 1.0.0.134, EX7700 before 1.0.0.222, LBR20 before 2.6.3.50, RBS50Y before 2.7.3.22, R8900 before 1.0.5.26, R9000 before 1.0.5.26, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.36, EX7320 before 1.0.0.134, RAX120 before 1.2.2.24, EX7300v2 before 1.0.0.134, RAX120v2 before 1.2.2.24, EX6410 before 1.0.0.134, RBR10 before 2.7.3.22, RBR20 before 2.7.3.22, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, EX6420 before 1.0.0.134, RBS10 before 2.7.3.22, RBS20 before 2.7.3.22, RBS40 before 2.7.3.22, RBS50 before 2.7.3.22, EX6400v2 before 1.0.0.134, RBK12 before 2.7.3.22, RBK20 before 2.7.3.22, RBK40 before 2.7.3.22, and RBK50 before 2.7.3.22.

Affected configurations

Nvd

Node

netgeard7800_firmwareRange<1.0.1.64

AND

netgeard7800Match-

Node

netgearex6250_firmwareRange<1.0.0.134

AND

netgearex6250Match-

Node

netgearex7700_firmwareRange<1.0.0.222

AND

netgearex7700Match-

Node

netgearlbr20_firmwareRange<2.6.3.50

AND

netgearlbr20Match-

Node

netgearrbs50y_firmwareRange<2.7.3.22

AND

netgearrbs50yMatch-

Node

netgearrbs50_firmwareRange<2.7.3.22

AND

netgearrbs50y_firmwareMatch2.7.3.22

Node

netgearrbs20_firmwareRange<2.7.3.22

AND

netgearrbs20Match-

Node

netgearrbs10_firmwareRange<2.7.3.22

AND

netgearrbs10Match-

Node

netgearrbs40_firmwareRange<2.7.3.22

AND

netgearrbs40Match-

Node

netgearr8900_firmwareRange<1.0.5.26

AND

netgearr8900Match-

Node

netgearr9000_firmwareRange<1.0.5.26

AND

netgearr9000Match-

Node

netgearxr450_firmwareRange<2.3.2.66

AND

netgearxr450Match-

Node

netgearxr500_firmwareRange<2.3.2.66

AND

netgearxr500Match-

Node

netgearxr700_firmwareRange<1.0.1.36

AND

netgearxr700Match-

Node

netgearex7320_firmwareRange<1.0.0.134

AND

netgearex7320Match-

Node

netgearrax120_firmwareRange<1.2.2.24

AND

netgearrax120Match-

Node

netgearex7300v2_firmwareRange<1.0.0.134

AND

netgearex7300v2Match-

Node

netgearrax120v2_firmwareRange<1.2.2.24

AND

netgearrax120v2Match-

Node

netgearex6410_firmwareRange<1.0.0.134

AND

netgearex6410Match-

Node

netgearex6420_firmwareRange<1.0.0.134

AND

netgearex6420Match-

Node

netgearex6400v2_firmwareRange<1.0.0.134

AND

netgearex6400v2Match-

Node

netgearrbr10_firmwareRange<2.7.3.22

AND

netgearrbr10Match-

Node

netgearrbr20_firmwareRange<2.7.3.22

AND

netgearrbr20Match-

Node

netgearrbr40_firmwareRange<2.7.3.22

AND

netgearrbr40Match-

Node

netgearrbr50_firmwareRange<2.7.3.22

AND

netgearrbr50Match-

Node

netgearrbk12_firmwareRange<2.7.3.22

AND

netgearrbk12Match-

Node

netgearrbk20_firmwareRange<2.7.3.22

AND

netgearrbk20Match-

Node

netgearrbk40_firmwareRange<2.7.3.22

AND

netgearrbk40Match-

Node

netgearrbk50_firmwareRange<2.7.3.22

AND

netgearrbk50Match-

VendorProductVersionCPE
netgeard7800_firmware*cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
netgeard7800-cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*
netgearex6250_firmware*cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*
netgearex6250-cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*
netgearex7700_firmware*cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*
netgearex7700-cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*
netgearlbr20_firmware*cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*
netgearlbr20-cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*
netgearrbs50y_firmware*cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*
netgearrbs50y-cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netgear	d7800_firmware	*	cpe:2.3:o:netgear:d7800_firmware::::::::
netgear	d7800	-	cpe:2.3:h:netgear:d7800:-:::::::*
netgear	ex6250_firmware	*	cpe:2.3:o:netgear:ex6250_firmware::::::::
netgear	ex6250	-	cpe:2.3:h:netgear:ex6250:-:::::::*
netgear	ex7700_firmware	*	cpe:2.3:o:netgear:ex7700_firmware::::::::
netgear	ex7700	-	cpe:2.3:h:netgear:ex7700:-:::::::*
netgear	lbr20_firmware	*	cpe:2.3:o:netgear:lbr20_firmware::::::::
netgear	lbr20	-	cpe:2.3:h:netgear:lbr20:-:::::::*
netgear	rbs50y_firmware	*	cpe:2.3:o:netgear:rbs50y_firmware::::::::
netgear	rbs50y	-	cpe:2.3:h:netgear:rbs50y:-:::::::*

Rows per page:

1-10 of 581

References

kb.netgear.com/000064491/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0427

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

AI Score

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

Related for CVE-2021-45642