Vulnerabilites related to netgear - sxr30_firmware
cve-2021-45645
Vulnerability from cvelistv5
Published
2021-12-26 00:30
Modified
2024-08-04 04:47
Severity ?
EPSS score ?
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:47:01.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:C/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-26T00:30:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:C/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127",
"refsource": "MISC",
"url": "https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45645",
"datePublished": "2021-12-26T00:30:07",
"dateReserved": "2021-12-25T00:00:00",
"dateUpdated": "2024-08-04T04:47:01.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-12-26 01:15
Modified
2024-11-21 06:32
Severity ?
8.2 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netgear | rbs50y_firmware | * | |
| netgear | rbs50y | - | |
| netgear | srk60_firmware | * | |
| netgear | srk60 | - | |
| netgear | srr60_firmware | * | |
| netgear | srr60 | - | |
| netgear | srs60_firmware | * | |
| netgear | srs60 | - | |
| netgear | sxk30_firmware | * | |
| netgear | sxk30 | - | |
| netgear | sxr30_firmware | * | |
| netgear | sxr30 | - | |
| netgear | sxs30_firmware | * | |
| netgear | sxs30 | - | |
| netgear | src60_firmware | * | |
| netgear | src60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C686FAAA-E94E-4F1F-B764-D700ECEB37EB",
"versionEndExcluding": "2.7.0.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:srk60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDA1489-219A-4FC8-B7AB-3E032C66DDA9",
"versionEndExcluding": "2.7.0.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:srk60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC347EB-699E-4626-A944-2D378101DDCF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:srr60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31E644AC-70F0-440B-A288-5726D3818B51",
"versionEndExcluding": "2.7.0.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:srr60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55E6F589-04DA-431C-9E03-BA2A59BB0E4A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:srs60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "306E7460-4916-43B7-B0F6-571C5D7E88A0",
"versionEndExcluding": "2.7.0.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:srs60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB01247-A20F-41CA-8718-E8E60E7F14B3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:sxk30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F935DE-13A5-4BEF-AC6B-7DE7427F634A",
"versionEndExcluding": "3.2.33.108",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:sxk30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A233D4C9-DD0E-40EB-AAF5-771F8108586C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:sxr30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49BE78F8-75F3-4F6F-B3E7-57E84BBB0DA9",
"versionEndExcluding": "3.2.33.108",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:sxr30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FDDCE8B-FD84-4005-AF69-A1AC26D23E28",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:sxs30_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC91433-BA5A-4770-BC0D-333DEA734A2F",
"versionEndExcluding": "3.2.33.108",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:sxs30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1834FB75-232D-4B54-96AA-8536D40BC042",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:src60_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E97D76C4-0529-4E2B-B3F5-729FAF60238A",
"versionEndExcluding": "2.7.0.122",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:src60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE67D9E-2EB2-4DE5-B245-71C370C002B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122."
},
{
"lang": "es",
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por la configuraci\u00f3n incorrecta de los ajustes de seguridad. Esto afecta a RBS50Y versiones anteriores a 2.7.0.122, SRK60 versiones anteriores a 2.7.0.122, SRR60 versiones anteriores a 2.7.0.122, SRS60 versiones anteriores a 2.7.0.122, SXK30 versiones anteriores a 3.2.33.108, SXR30 versiones anteriores a 3.2.33.108, SXS30 versiones anteriores a 3.2.33.108 y SRC60 versiones anteriores a 2.7.0.122"
}
],
"id": "CVE-2021-45645",
"lastModified": "2024-11-21T06:32:46.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-26T01:15:19.877",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}