fkie_nvd - fkie_cve-2021-45557

fkie_cve-2021-45557

Vulnerability from fkie_nvd

Published

2021-12-26 01:15

Modified

2024-11-21 06:32

Severity ?

7.5 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TUP before 1.0.5.3, GS710TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS724TPP before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS750E before 1.0.1.10, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.

References

▼	URL	Tags
	cve@mitre.org	https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
netgear	gc108p_firmware	*
netgear	gc108p	-
netgear	gc108pp_firmware	*
netgear	gc108pp	-
netgear	gs108tv3_firmware	*
netgear	gs108tv3	-
netgear	gs110tpv3_firmware	*
netgear	gs110tpv3	-
netgear	gs110tpp_firmware	*
netgear	gs110tpp	-
netgear	gs110tup_firmware	*
netgear	gs110tup	-
netgear	gs710tup_firmware	*
netgear	gs710tup	-
netgear	gs308t_firmware	*
netgear	gs308t	-
netgear	gs310tp_firmware	*
netgear	gs310tp	-
netgear	gs710tup_firmware	*
netgear	gs710tup	-
netgear	gs716tp_firmware	*
netgear	gs716tp	-
netgear	gs716tpp_firmware	*
netgear	gs716tpp	-
netgear	gs724tpp_firmware	*
netgear	gs724tpp	-
netgear	gs724tpv2_firmware	*
netgear	gs724tpv2	-
netgear	gs724tpp_firmware	*
netgear	gs724tpp	-
netgear	gs728tppv2_firmware	*
netgear	gs728tppv2	-
netgear	gs728tpv2_firmware	*
netgear	gs728tpv2	-
netgear	gs752tpv2_firmware	*
netgear	gs752tpv2	-
netgear	gs752tpp_firmware	*
netgear	gs752tpp	-
netgear	gs750e_firmware	*
netgear	gs750e	-
netgear	ms510txm_firmware	*
netgear	ms510txm	-
netgear	ms510txup_firmware	*
netgear	ms510txup	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gc108p_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A1CC9E5-8253-4924-8282-9E768661680E",
              "versionEndExcluding": "1.0.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gc108p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9E3ADD8-926C-46CD-ABDF-0F7C99879808",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gc108pp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B8389CE-DA82-49C9-A431-7B2FE7C8950E",
              "versionEndExcluding": "1.0.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gc108pp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79979EF-D425-4199-BC73-36FB97EA9976",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs108tv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67E5B21-38A7-47DF-9D7C-B68F9916E6F2",
              "versionEndExcluding": "7.0.7.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs108tv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EE9EB1F-D49E-499A-B39B-7F15A1E5DAEC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs110tpv3_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72779793-9379-4F2F-BE33-DCB0245D5809",
              "versionEndExcluding": "7.0.7.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs110tpv3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6933C827-B585-4A09-92B3-0A8D218EAA2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs110tpp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAAA5112-5735-4889-9F6C-4217D2CE58FC",
              "versionEndExcluding": "7.0.7.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs110tpp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E095D139-28EE-4ADD-8FCD-3C2322AC3668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs110tup_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B241F5FC-3053-44ED-ABDE-F7E4C1F26E2D",
              "versionEndExcluding": "1.0.5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs110tup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A469DFA-DE46-444C-B007-F9932C61EE26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs710tup_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17CEF560-AF2A-48AD-B8A4-666BD2ECBDCE",
              "versionEndExcluding": "1.0.5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs710tup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F019BC-8BBB-40F4-A05C-172DCAC705C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs308t_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5EF9D41-5E0D-4BBC-BD8C-40422B29D241",
              "versionEndExcluding": "1.0.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs308t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C204CFAA-0709-421A-A907-8F5B093063F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs310tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A18B9E4-16A6-443B-A504-784FA821B404",
              "versionEndExcluding": "1.0.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs310tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6761CCD9-9D27-465F-8707-F23707A84803",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs710tup_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17CEF560-AF2A-48AD-B8A4-666BD2ECBDCE",
              "versionEndExcluding": "1.0.5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs710tup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F019BC-8BBB-40F4-A05C-172DCAC705C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs716tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57F0167-9C61-44FB-A7BB-70F0A9247DB8",
              "versionEndExcluding": "1.0.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs716tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9D88DD2-CE3F-431C-8FC8-01CBFB5AFED1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs716tpp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "421B0F3A-9A03-42B0-8B45-E77DFE176A6F",
              "versionEndExcluding": "1.0.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs716tpp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB3B313-1667-401C-92CF-EBB03CF91010",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs724tpp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "339698F2-2727-469D-82E4-8E025FCBB106",
              "versionEndExcluding": "2.0.6.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs724tpp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB10210-B401-4944-832A-D31AEA8B3952",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs724tpv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20BF678C-4FA5-4194-BC59-61BCEC453739",
              "versionEndExcluding": "2.0.6.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs724tpv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D92F01-012E-4D90-AC57-F24AEA0A2038",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs724tpp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "339698F2-2727-469D-82E4-8E025FCBB106",
              "versionEndExcluding": "2.0.6.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs724tpp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB10210-B401-4944-832A-D31AEA8B3952",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs728tppv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "018B077A-46B9-4D22-AE55-5FE9E9E45F12",
              "versionEndExcluding": "6.0.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs728tppv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF37586-C1D5-4694-B9A2-4F4E090FA153",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs728tpv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E38B2B-64BF-42A0-AB56-7A0EA607BC03",
              "versionEndExcluding": "6.0.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs728tpv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50FD1C49-C811-44DB-9494-86126A9017FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs752tpv2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0964FBB-D311-4262-8CB6-214318C09BFE",
              "versionEndExcluding": "6.0.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs752tpv2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9BCD433-D2E0-4E89-892F-7A8BC6D29C47",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs752tpp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00504A9F-EBE8-4D88-98C6-52CC260EC944",
              "versionEndExcluding": "6.0.8.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs752tpp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "995D8E9F-7AE6-4A17-A728-7190FB2CE8BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:gs750e_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDFC5B41-EBAC-42C9-B12E-AAACC199F324",
              "versionEndExcluding": "1.0.1.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:gs750e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56285CF-1BD8-4BB5-AC9C-9EDDFCFC9E5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms510txm_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D620D42-9365-4A5E-957C-ADB9EAD56D8C",
              "versionEndExcluding": "1.0.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms510txm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CF12A57-ACFA-48AA-B41C-06EB7095C800",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:netgear:ms510txup_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD52B5A4-0CF4-4E80-BD9B-05C1DFB855D2",
              "versionEndExcluding": "1.0.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:netgear:ms510txup:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3A918F0-36BB-4EDE-98B8-00C3DC8F7BB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TUP before 1.0.5.3, GS710TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS724TPP before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS750E before 1.0.1.10, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2."
    },
    {
      "lang": "es",
      "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un usuario autenticado. Esto afecta a GC108P versiones anteriores a 1.0.8.2, GC108PP versiones anteriores a 1.0.8.2, GS108Tv3 versiones anteriores a 7.0.7.2, GS110TPv3 versiones anteriores a 7.0.7.2, GS110TPP versiones anteriores a 7.0.7. 2, GS110TUP versiones anteriores a 1.0.5.3, GS710TUP versiones anteriores a 1.0.5.3, GS308T versiones anteriores a 1.0.3.2, GS310TP versiones anteriores a 1.0.3.2, GS710TUP versiones anteriores a 1.0.5.3, GS716TP versiones anteriores a 1.0.4. 2, GS716TPP versiones anteriores a 1.0.4.2, GS724TPP versiones anteriores a 2.0.6.3, GS724TPv2 versiones anteriores a 2.0.6.3, GS724TPP versiones anteriores a 2.0.6.3, GS728TPPv2 versiones anteriores a 6.0.8.2, GS728TPv2 versiones anteriores a 6. 0.8.2, GS752TPv2 versiones anteriores a 6.0.8.2, GS752TPP versiones anteriores a 6.0.8.2, GS750E versiones anteriores a 1.0.1.10, MS510TXM versiones anteriores a 1.0.4.2 y MS510TXUP versiones anteriores a 1.0.4.2"
    }
  ],
  "id": "CVE-2021-45557",
  "lastModified": "2024-11-21T06:32:30.807",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 6.0,
        "source": "cve@mitre.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-26T01:15:15.707",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2021-45557

Vulnerability from cvelistv5

Published

2021-12-26 00:50

Modified

2024-08-04 04:47

Severity ?

7.5 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H

Summary

References

▼	URL	Tags
	https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T04:47:00.406Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TUP before 1.0.5.3, GS710TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS724TPP before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS750E before 1.0.1.10, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:A/A:H/C:L/I:H/PR:H/S:C/UI:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-26T00:50:45",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-45557",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TUP before 1.0.5.3, GS710TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS724TPP before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS750E before 1.0.1.10, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AC:H/AV:A/A:H/C:L/I:H/PR:H/S:C/UI:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167",
              "refsource": "MISC",
              "url": "https://kb.netgear.com/000064164/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Switches-PSV-2021-0167"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-45557",
    "datePublished": "2021-12-26T00:50:45",
    "dateReserved": "2021-12-25T00:00:00",
    "dateUpdated": "2024-08-04T04:47:00.406Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted