Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2021-12-26 01:15

Modified

2024-11-21 06:32

Severity ?

9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, R7850 before 1.0.5.74, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX35v2 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX43 before 1.0.3.96, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBK852 before 3.2.17.12, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RS400 before 1.5.1.80, XR1000 before 1.0.0.58, and XR300 before 1.0.3.68.

References

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064515/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0524	Vendor Advisory

Impacted products

Vendor	Product	Version
netgear	cbr40_firmware	*
netgear	cbr40	-
netgear	cbr750_firmware	*
netgear	cbr750	-
netgear	eax20_firmware	*
netgear	eax20	-
netgear	eax80_firmware	*
netgear	eax80	-
netgear	ex7500_firmware	*
netgear	ex7500	-
netgear	lax20_firmware	*
netgear	lax20	-
netgear	mk62_firmware	*
netgear	mk62	-
netgear	mr60_firmware	*
netgear	mr60	-
netgear	ms60_firmware	*
netgear	ms60	-
netgear	r6400v2_firmware	*
netgear	r6400v2	-
netgear	r6700v3_firmware	*
netgear	r6700v3	-
netgear	r6900p_firmware	*
netgear	r6900p	-
netgear	r7000_firmware	*
netgear	r7000	-
netgear	r7000p_firmware	*
netgear	r7000p	-
netgear	r7850_firmware	*
netgear	r7850	-
netgear	r7900_firmware	*
netgear	r7900	-
netgear	r7900p_firmware	*
netgear	r7900p	-
netgear	r7960p_firmware	*
netgear	r7960p	-
netgear	r8000_firmware	*
netgear	r8000	-
netgear	r8000p_firmware	*
netgear	r8000p	-
netgear	rax15_firmware	*
netgear	rax15	-
netgear	rax20_firmware	*
netgear	rax20	-
netgear	rax200_firmware	*
netgear	rax200	-
netgear	rax35v2_firmware	*
netgear	rax35v2	-
netgear	rax40v2_firmware	*
netgear	rax40v2	-
netgear	rax43_firmware	*
netgear	rax43	-
netgear	rax45_firmware	*
netgear	rax45	-
netgear	rax50_firmware	*
netgear	rax50	-
netgear	rax75_firmware	*
netgear	rax75	-
netgear	rax80_firmware	*
netgear	rax80	-
netgear	rbk752_firmware	*
netgear	rbk752	-
netgear	rbk852_firmware	*
netgear	rbk852	-
netgear	rbr750_firmware	*
netgear	rbr750	-
netgear	rbr850_firmware	*
netgear	rbr850	-
netgear	rbs750_firmware	*
netgear	rbs750	-
netgear	rbs850_firmware	*
netgear	rbs850	-
netgear	rs400_firmware	*
netgear	rs400	-
netgear	xr1000_firmware	*
netgear	xr1000	-
netgear	xr300_firmware	*
netgear	xr300	-

▼	URL	Tags
	vulnreport@tenable.com	https://www.tenable.com/security/research/tra-2021-55	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2021-55	Third Party Advisory

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064526/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2020-0572	Patch, Vendor Advisory

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064513/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0517	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064513/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0517	Vendor Advisory

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327	Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-22-524/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064723/Security-Advisory-for-Multiple-Vulnerabilities-on-Multiple-Products-PSV-2021-0327	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-22-524/	Third Party Advisory, VDB Entry

Vendor	Product	Version
netgear	cax80_firmware	*
netgear	cax80	-
netgear	lax20_firmware	*
netgear	lax20	-
netgear	mr60_firmware	*
netgear	mr60	-
netgear	mr80_firmware	*
netgear	mr80	-
netgear	ms60_firmware	*
netgear	ms60	-
netgear	ms80_firmware	*
netgear	ms80	-
netgear	r6400_firmware	*
netgear	r6400	-
netgear	r6400_firmware	*
netgear	r6400	v2
netgear	r6700_firmware	*
netgear	r6700	v3
netgear	r6900p_firmware	*
netgear	r6900p	-
netgear	r7000_firmware	*
netgear	r7000	-
netgear	r7000p_firmware	*
netgear	r7000p	-
netgear	r7850_firmware	*
netgear	r7850	-
netgear	r7900p_firmware	*
netgear	r7900p	-
netgear	r7960p_firmware	*
netgear	r7960p	-
netgear	r8000_firmware	*
netgear	r8000	-
netgear	r8000p_firmware	*
netgear	r8000p	-
netgear	r8500_firmware	*
netgear	r8500	-
netgear	rax15_firmware	*
netgear	rax15	-
netgear	rax20_firmware	*
netgear	rax20	-
netgear	rax200_firmware	*
netgear	rax200	-
netgear	rax35_firmware	*
netgear	rax35	v2
netgear	rax38_firmware	*
netgear	rax38	v2
netgear	rax40_firmware	*
netgear	rax40	v2
netgear	rax42_firmware	*
netgear	rax42	-
netgear	rax43_firmware	*
netgear	rax43	-
netgear	rax45_firmware	*
netgear	rax45	-
netgear	rax48_firmware	*
netgear	rax48	-
netgear	rax50_firmware	*
netgear	rax50	-
netgear	rax50s_firmware	*
netgear	rax50s	-
netgear	rax75_firmware	*
netgear	rax75	-
netgear	rax80_firmware	*
netgear	rax80	-
netgear	rs400_firmware	*
netgear	rs400	-
netgear	r7100lg_firmware	*
netgear	r7100lg	-

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064510/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0509	Vendor Advisory

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064138/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0508	Vendor Advisory

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325	Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-22-522/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-22-522/	Third Party Advisory, VDB Entry

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064527/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0576	Vendor Advisory

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506	Broken Link
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064509/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extender-WiFi-Systems-PSV-2020-0506	Broken Link

URL	Tags
zdi-disclosures@trendmicro.com	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	Vendor Advisory
zdi-disclosures@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	Third Party Advisory, VDB Entry

Vendor	Product	Version
netgear	ex3700_firmware	*
netgear	ex3700	-
netgear	ex3800_firmware	*
netgear	ex3800	-
netgear	ex6120_firmware	*
netgear	ex6120	-
netgear	ex6130_firmware	*
netgear	ex6130	-
netgear	r6400_firmware	*
netgear	r6400	-
netgear	r6400v2_firmware	*
netgear	r6400v2	-
netgear	r6700v3_firmware	*
netgear	r6700v3	-
netgear	r6900p_firmware	*
netgear	r6900p	-
netgear	r7000_firmware	*
netgear	r7000	-
netgear	r7000p_firmware	*
netgear	r7000p	-
netgear	r7100lg_firmware	*
netgear	r7100lg	-
netgear	r7850_firmware	*
netgear	r7850	-
netgear	r7900p_firmware	*
netgear	r7900p	-
netgear	r7960p_firmware	*
netgear	r7960p	-
netgear	r8000_firmware	*
netgear	r8000	-
netgear	r8000p_firmware	*
netgear	r8000p	-
netgear	r8300_firmware	*
netgear	r8300	-
netgear	r8500_firmware	*
netgear	r8500	-
netgear	rax15_firmware	*
netgear	rax15	-
netgear	rax20_firmware	*
netgear	rax20	-
netgear	rax200_firmware	*
netgear	rax200	-
netgear	rax35v2_firmware	*
netgear	rax35v2	-
netgear	rax38v2_firmware	*
netgear	rax38v2	-
netgear	rax40v2_firmware	*
netgear	rax40v2	-
netgear	rax42_firmware	*
netgear	rax42	-
netgear	rax43_firmware	*
netgear	rax43	-
netgear	rax45_firmware	*
netgear	rax45	-
netgear	rax48_firmware	*
netgear	rax48	-
netgear	rax50_firmware	*
netgear	rax50	-
netgear	rax50s_firmware	*
netgear	rax50s	-
netgear	rax75_firmware	*
netgear	rax75	-
netgear	rax80_firmware	*
netgear	rax80	-
netgear	raxe450_firmware	*
netgear	raxe450	-
netgear	raxe500_firmware	*
netgear	raxe500	-
netgear	rs400_firmware	*
netgear	rs400	-
netgear	wndr3400v3_firmware	*
netgear	wndr3400v3	-
netgear	wnr3500lv2_firmware	*
netgear	wnr3500lv2	-
netgear	xr300_firmware	*
netgear	xr300	-
netgear	d6220_firmware	*
netgear	d6220	-
netgear	d6400_firmware	*
netgear	d6400	-
netgear	d7000v2_firmware	*
netgear	d7000v2	-
netgear	dgn2200v4_firmware	*
netgear	dgn2200v4	-
netgear	dc112a_firmware	*
netgear	dc112a	-
netgear	cax80_firmware	*
netgear	cax80	-

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064523/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0562	Vendor Advisory

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064141/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0520	Vendor Advisory

▼	URL	Tags
	https://www.zerodayinitiative.com/advisories/ZDI-21-1303/	x_refsource_MISC
	https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168	x_refsource_MISC

Vulnerabilites related to netgear - rax43

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from variot

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5