All the vulnerabilites related to netgear - rbk13
cve-2021-29068
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T21:55:12.644Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-23T07:04:52", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-29068", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155", "refsource": "MISC", "url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-29068", "datePublished": "2021-03-23T06:57:00", "dateReserved": "2021-03-23T00:00:00", "dateUpdated": "2024-08-03T21:55:12.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27256
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:16.076Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "firmware version 1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "takeshi" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-05T20:00:25", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27256", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "firmware version 1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "takeshi", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27256", "datePublished": "2021-03-05T20:00:25", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:16.076Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27252
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:16.107Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-248/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "firmware version 1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "atdog (@atdog_tw)" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-14T15:45:57", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-248/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27252", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "firmware version 1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "atdog (@atdog_tw)", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-248/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-248/" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27252", "datePublished": "2021-04-14T15:45:57", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:16.107Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27253
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:16.037Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-249/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "firmware version 1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "Ho\\xc3\\xa0ng Th\\xe1\\xba\\xa1ch Nguy\\xe1\\xbb\\x85n, Lucas Tay" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-14T15:45:57", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-249/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27253", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "firmware version 1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "Ho\\xc3\\xa0ng Th\\xe1\\xba\\xa1ch Nguy\\xe1\\xbb\\x85n, Lucas Tay", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-122: Heap-based Buffer Overflow" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-249/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-249/" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27253", "datePublished": "2021-04-14T15:45:58", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:16.037Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27251
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:15.869Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-247/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-319", "description": "CWE-319: Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-14T15:45:56", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-247/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27251", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-319: Cleartext Transmission of Sensitive Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-247/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-247/" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27251", "datePublished": "2021-04-14T15:45:56", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:15.869Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-27861
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:25:43.503Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1430/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Orbi", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "2.5.1.16" } ] } ], "credits": [ { "lang": "en", "value": "Shaunak Mirani" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-12T13:50:22", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1430/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2020-27861", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Orbi", "version": { "version_data": [ { "version_value": "2.5.1.16" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "Shaunak Mirani", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1430/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1430/" }, { "name": "https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems", "refsource": "MISC", "url": "https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2020-27861", "datePublished": "2021-02-11T23:35:36", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-08-04T16:25:43.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27257
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:15.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "firmware version 1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "botto" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-295", "description": "CWE-295: Improper Certificate Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-05T20:00:26", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27257", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "firmware version 1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "botto", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-295: Improper Certificate Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27257", "datePublished": "2021-03-05T20:00:26", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:15.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27254
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:15.867Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-252/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "firmware version 1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "84c0" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-259", "description": "CWE-259: Use of Hard-coded Password", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-05T20:00:23", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-252/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27254", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "firmware version 1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "84c0", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-259: Use of Hard-coded Password" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-252/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-252/" }, { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27254", "datePublished": "2021-03-05T20:00:23", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:15.867Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27255
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:48:16.644Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-263/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "R7800", "vendor": "NETGEAR", "versions": [ { "status": "affected", "version": "firmware version 1.0.2.76" } ] } ], "credits": [ { "lang": "en", "value": "STARLabs" } ], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-306", "description": "CWE-306: Missing Authentication for Critical Function", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-03-05T20:00:24", "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-263/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "zdi-disclosures@trendmicro.com", "ID": "CVE-2021-27255", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "R7800", "version": { "version_data": [ { "version_value": "firmware version 1.0.2.76" } ] } } ] }, "vendor_name": "NETGEAR" } ] } }, "credit": "STARLabs", "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360." } ] }, "impact": { "cvss": { "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-306: Missing Authentication for Critical Function" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders", "refsource": "MISC", "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-263/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-263/" } ] } } } }, "cveMetadata": { "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "assignerShortName": "zdi", "cveId": "CVE-2021-27255", "datePublished": "2021-03-05T20:00:24", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2024-08-03T20:48:16.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202104-1037
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308. Zero Day Initiative To this vulnerability ZDI-CAN-12308 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1037", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "br500", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6410", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6150", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "d7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6100v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6250", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "NVD", "id": "CVE-2021-27251" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27251" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", "sources": [ { "db": "ZDI", "id": "ZDI-21-247" } ], "trust": 0.7 }, "cve": "CVE-2021-27251", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 8.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2021-27251", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-27251", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2021-27251", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27251", "trust": 1.8, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27251", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2021-27251", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-1136", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "NVD", "id": "CVE-2021-27251" }, { "db": "NVD", "id": "CVE-2021-27251" }, { "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308. Zero Day Initiative To this vulnerability ZDI-CAN-12308 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", "sources": [ { "db": "NVD", "id": "CVE-2021-27251" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "VULMON", "id": "CVE-2021-27251" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27251", "trust": 4.0 }, { "db": "ZDI", "id": "ZDI-21-247", "trust": 3.2 }, { "db": "JVNDB", "id": "JVNDB-2021-006381", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12308", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202104-1136", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-27251", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "VULMON", "id": "CVE-2021-27251" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "NVD", "id": "CVE-2021-27251" }, { "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "id": "VAR-202104-1037", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.27871401555555564 }, "last_update_date": "2023-12-18T13:22:56.248000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders", "trust": 1.5, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "Netgear NETGEAR Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=147498" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-319", "trust": 1.0 }, { "problemtype": "Sending important information in clear text (CWE-319) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "NVD", "id": "CVE-2021-27251" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-247/" }, { "trust": 2.4, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27251" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/319.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "VULMON", "id": "CVE-2021-27251" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "NVD", "id": "CVE-2021-27251" }, { "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-247" }, { "db": "VULMON", "id": "CVE-2021-27251" }, { "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "db": "NVD", "id": "CVE-2021-27251" }, { "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-24T00:00:00", "db": "ZDI", "id": "ZDI-21-247" }, { "date": "2021-04-14T00:00:00", "db": "VULMON", "id": "CVE-2021-27251" }, { "date": "2022-01-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "date": "2021-04-14T16:15:13.657000", "db": "NVD", "id": "CVE-2021-27251" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-24T00:00:00", "db": "ZDI", "id": "ZDI-21-247" }, { "date": "2021-04-27T00:00:00", "db": "VULMON", "id": "CVE-2021-27251" }, { "date": "2022-01-06T05:00:00", "db": "JVNDB", "id": "JVNDB-2021-006381" }, { "date": "2021-04-27T14:50:32.750000", "db": "NVD", "id": "CVE-2021-27251" }, { "date": "2021-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-1136" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-1136" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0Nighthawk\u00a0R7800\u00a0 Vulnerability in plaintext transmission of important information in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-006381" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-1136" } ], "trust": 0.6 } }
var-202103-0945
Vulnerability from variot
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. Zero Day Initiative To this vulnerability ZDI-CAN-12287 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0945", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "ex6150v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6100v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "d7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6250", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6420", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6410", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br500", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-252" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "NVD", "id": "CVE-2021-27254" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27254" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "84c0", "sources": [ { "db": "ZDI", "id": "ZDI-21-252" } ], "trust": 0.7 }, "cve": "CVE-2021-27254", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 8.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2021-27254", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-27254", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "id": "CVE-2021-27254", "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27254", "trust": 1.8, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27254", "trust": 1.0, "value": "MEDIUM" }, { "author": "ZDI", "id": "CVE-2021-27254", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202102-1677", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-252" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "NVD", "id": "CVE-2021-27254" }, { "db": "NVD", "id": "CVE-2021-27254" }, { "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. Zero Day Initiative To this vulnerability ZDI-CAN-12287 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", "sources": [ { "db": "NVD", "id": "CVE-2021-27254" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "ZDI", "id": "ZDI-21-252" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27254", "trust": 3.1 }, { "db": "ZDI", "id": "ZDI-21-252", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2021-004434", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12287", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202102-1677", "trust": 0.6 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-252" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "NVD", "id": "CVE-2021-27254" }, { "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "id": "VAR-202103-0945", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.28795077578947376 }, "last_update_date": "2023-12-18T13:27:48.630000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders", "trust": 1.5, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "NETGEAR Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=142759" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-252" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-798", "trust": 1.0 }, { "problemtype": "Use hard-coded passwords (CWE-259) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "NVD", "id": "CVE-2021-27254" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-252/" }, { "trust": 2.3, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27254" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-252" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "NVD", "id": "CVE-2021-27254" }, { "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-252" }, { "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "db": "NVD", "id": "CVE-2021-27254" }, { "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-25T00:00:00", "db": "ZDI", "id": "ZDI-21-252" }, { "date": "2021-11-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "date": "2021-03-05T20:15:12.317000", "db": "NVD", "id": "CVE-2021-27254" }, { "date": "2021-02-25T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-25T00:00:00", "db": "ZDI", "id": "ZDI-21-252" }, { "date": "2021-11-22T06:02:00", "db": "JVNDB", "id": "JVNDB-2021-004434" }, { "date": "2022-04-25T17:48:00.193000", "db": "NVD", "id": "CVE-2021-27254" }, { "date": "2022-04-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1677" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1677" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0R7800\u00a0 Vulnerability in using hard-coded passwords in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004434" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "trust management problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1677" } ], "trust": 0.6 } }
var-202102-0332
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076. NETGEAR Orbi Has OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-11076 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-0332", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbk22 router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "rbk20 router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk50v", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "rbk44 router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk23 satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk40 router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk20w", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk43s satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk43 router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "cbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "cbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk44 satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbk20 satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "cbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk43s router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk22 satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.224" }, { "model": "ex6200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.82" }, { "model": "rbk23 router", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk43 satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk33", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk40 satellite", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk52w", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.210" }, { "model": "rbk30", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "rbk23w", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "cbk43", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "rbk12", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "cbr40", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex7700", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex8000", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "cbk40", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "rbk15", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "rbk13", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "rbk14", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "orbi", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "NVD", "id": "CVE-2020-27861" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:cbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:cbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:cbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.82", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.210", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.224", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20w_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23w_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk22_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk22_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk22:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk30_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk30:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk33_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk33:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_router_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_satellite_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50v_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk52w_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk52w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-27861" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Shaunak Mirani", "sources": [ { "db": "ZDI", "id": "ZDI-20-1430" } ], "trust": 0.7 }, "cve": "CVE-2020-27861", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 8.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2020-27861", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2020-27861", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2020-27861", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-27861", "trust": 1.8, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2020-27861", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2020-27861", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202102-1082", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-27861", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "VULMON", "id": "CVE-2020-27861" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "NVD", "id": "CVE-2020-27861" }, { "db": "NVD", "id": "CVE-2020-27861" }, { "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076. NETGEAR Orbi Has OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-11076 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", "sources": [ { "db": "NVD", "id": "CVE-2020-27861" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "VULMON", "id": "CVE-2020-27861" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-27861", "trust": 3.2 }, { "db": "ZDI", "id": "ZDI-20-1430", "trust": 3.2 }, { "db": "JVNDB", "id": "JVNDB-2020-015997", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-11076", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202102-1082", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2020-27861", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "VULMON", "id": "CVE-2020-27861" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "NVD", "id": "CVE-2020-27861" }, { "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "id": "VAR-202102-0332", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.29699992500000005 }, "last_update_date": "2023-12-18T13:17:59.292000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Unauthenticated\u00a0Command\u00a0Injection\u00a0Vulnerability\u00a0on\u00a0Some\u00a0Extenders\u00a0and\u00a0Orbi\u00a0WiFi\u00a0Systems,\u00a0PSV-2020-0301", "trust": 0.8, "url": "https://kb.netgear.com/000062507/security-advisory-for-unauthenticated-command-injection-vulnerability-on-some-extenders-and-orbi-wifi-systems-psv-2020-0301" }, { "title": "NETGEAR has issued an update to correct this vulnerability.", "trust": 0.7, "url": "https://kb.netgear.com/000062507/security-advisory-for-unauthenticated-command-injection-vulnerability-on-some-extenders-and-orbi-wifi-systems" }, { "title": "Netgear NETGEAR Fixes for operating system command injection vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=142366" }, { "title": "", "trust": 0.1, "url": "https://github.com/f1tao/awesome-iot-security-resource " } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "VULMON", "id": "CVE-2020-27861" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-78", "trust": 1.0 }, { "problemtype": "OS Command injection (CWE-78) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "NVD", "id": "CVE-2020-27861" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://www.zerodayinitiative.com/advisories/zdi-20-1430/" }, { "trust": 2.4, "url": "https://kb.netgear.com/000062507/security-advisory-for-unauthenticated-command-injection-vulnerability-on-some-extenders-and-orbi-wifi-systems" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-27861" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/78.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/f1tao/awesome-iot-security-resource" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "VULMON", "id": "CVE-2020-27861" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "NVD", "id": "CVE-2020-27861" }, { "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-20-1430" }, { "db": "VULMON", "id": "CVE-2020-27861" }, { "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "db": "NVD", "id": "CVE-2020-27861" }, { "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-12-15T00:00:00", "db": "ZDI", "id": "ZDI-20-1430" }, { "date": "2021-02-12T00:00:00", "db": "VULMON", "id": "CVE-2020-27861" }, { "date": "2021-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "date": "2021-02-12T00:15:12.500000", "db": "NVD", "id": "CVE-2020-27861" }, { "date": "2021-02-11T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-12-15T00:00:00", "db": "ZDI", "id": "ZDI-20-1430" }, { "date": "2021-03-23T00:00:00", "db": "VULMON", "id": "CVE-2020-27861" }, { "date": "2021-10-29T09:04:00", "db": "JVNDB", "id": "JVNDB-2020-015997" }, { "date": "2021-03-23T18:54:23.193000", "db": "NVD", "id": "CVE-2020-27861" }, { "date": "2021-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1082" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1082" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0Orbi\u00a0 In \u00a0OS\u00a0 Command injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-015997" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "operating system commend injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1082" } ], "trust": 0.6 } }
var-202104-1038
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12216 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1038", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "br500", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6410", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6150", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "d7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6100v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6250", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "NVD", "id": "CVE-2021-27252" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27252" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "atdog (@atdog_tw)", "sources": [ { "db": "ZDI", "id": "ZDI-21-248" } ], "trust": 0.7 }, "cve": "CVE-2021-27252", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 8.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2021-27252", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-27252", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2021-27252", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27252", "trust": 1.8, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27252", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2021-27252", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-1073", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "NVD", "id": "CVE-2021-27252" }, { "db": "NVD", "id": "CVE-2021-27252" }, { "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12216 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", "sources": [ { "db": "NVD", "id": "CVE-2021-27252" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "VULMON", "id": "CVE-2021-27252" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27252", "trust": 4.0 }, { "db": "ZDI", "id": "ZDI-21-248", "trust": 3.2 }, { "db": "JVNDB", "id": "JVNDB-2021-006382", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12216", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202104-1073", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-27252", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "VULMON", "id": "CVE-2021-27252" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "NVD", "id": "CVE-2021-27252" }, { "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "id": "VAR-202104-1038", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.27871401555555564 }, "last_update_date": "2023-12-18T13:12:33.847000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders", "trust": 1.5, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "Netgear NETGEAR R7800 Fixes for operating system command injection vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=147594" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-78", "trust": 1.0 }, { "problemtype": "OS Command injection (CWE-78) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "NVD", "id": "CVE-2021-27252" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-248/" }, { "trust": 2.4, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27252" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/78.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "VULMON", "id": "CVE-2021-27252" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "NVD", "id": "CVE-2021-27252" }, { "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-248" }, { "db": "VULMON", "id": "CVE-2021-27252" }, { "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "db": "NVD", "id": "CVE-2021-27252" }, { "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-24T00:00:00", "db": "ZDI", "id": "ZDI-21-248" }, { "date": "2021-04-14T00:00:00", "db": "VULMON", "id": "CVE-2021-27252" }, { "date": "2022-01-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "date": "2021-04-14T16:15:13.737000", "db": "NVD", "id": "CVE-2021-27252" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-24T00:00:00", "db": "ZDI", "id": "ZDI-21-248" }, { "date": "2021-04-27T00:00:00", "db": "VULMON", "id": "CVE-2021-27252" }, { "date": "2022-01-06T05:00:00", "db": "JVNDB", "id": "JVNDB-2021-006382" }, { "date": "2021-04-27T14:49:52.450000", "db": "NVD", "id": "CVE-2021-27252" }, { "date": "2021-04-28T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-1073" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-1073" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0R7800\u00a0 In firmware \u00a0OS\u00a0 Command injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-006382" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "operating system commend injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-1073" } ], "trust": 0.6 } }
var-202103-1271
Vulnerability from variot
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-1271", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "r6700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.4.98" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "r7400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rbs850", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "rbk752", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "rax80", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.3.102" }, { "model": "cbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.5.0.10" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "r6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.4.98" }, { "model": "r7850", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.60" }, { "model": "rbs840", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "eax20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.36" }, { "model": "rax50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.64" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.74" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.34" }, { "model": "r6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.62" }, { "model": "rbr850", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "rbk854", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "rbk753", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "r8000p", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.4.1.62" }, { "model": "r7000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.11.106" }, { "model": "r7000p", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.3.2.124" }, { "model": "r6900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.16" }, { "model": "rax120", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.136" }, { "model": "r6220", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.70" }, { "model": "r6260", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.1.0.76" }, { "model": "rax200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.102" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.66" }, { "model": "r7900p", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.4.1.62" }, { "model": "rax45", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.64" }, { "model": "r6900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "r7960p", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.4.1.62" }, { "model": "ms60", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.102" }, { "model": "ac2400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "r7900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.4.26" }, { "model": "r7450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "eax80", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.62" }, { "model": "r6900p", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.3.2.124" }, { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "r6800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rbk753s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "rs400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.5.0.48" }, { "model": "rbs750", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "mr60", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.102" }, { "model": "r6700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.16" }, { "model": "r7350", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rbk754", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.36" }, { "model": "rax20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.64" }, { "model": "mk60", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.102" }, { "model": "r6330", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.1.0.76" }, { "model": "r6120", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.70" }, { "model": "ac2100", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "r6700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "r6850", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.1.0.76" }, { "model": "rbr750", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.58" }, { "model": "ex7500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.68" }, { "model": "r6230", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.70" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbr840", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.24" }, { "model": "rax75", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.3.102" }, { "model": "rbk842", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "r8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.4.58" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.24" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "rbk852", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "ac2600", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "rax15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.64" }, { "model": "r7200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.2.0.72" }, { "model": "xr300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.3.50" }, { "model": "rbk853", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "3.2.16.6" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.66" }, { "model": "r6350", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.1.0.76" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.40" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.44" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.1.38" }, { "model": "r6900p", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7000p", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7000", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7850", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7900", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r8000", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r6700", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "NVD", "id": "CVE-2021-29068" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.4.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.4.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.11.106", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.2.124", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.2.124", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.4.26", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7900:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7850:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.4.58", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8000:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.5.0.48", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rs400:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.62", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6400:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.16", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6700:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.16", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6900:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:mk60_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:mk60:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.5.0.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:cbr40:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.4.1.62", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.4.1.62", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.4.1.62", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7900p:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.64", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax15:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.64", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.3.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax75:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.3.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax80:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.102", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax200:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.64", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.64", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.68", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.62", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:eax80:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:eax20:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk752:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk753:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk753s:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk754:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk852:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk853:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk854:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk842:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.70", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6120:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.70", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6220:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.70", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6230:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6260:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6850:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6350:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6330:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.58", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6800:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7200:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7350:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7400:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7450:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ac2100:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ac2400:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ac2600:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.74", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.24", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.24", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.136", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rax120:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.66", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.66", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.34", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr300:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-29068" } ] }, "cve": "CVE-2021-29068", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "Single", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2021-29068", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "cve@mitre.org", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.1, "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-29068", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-29068", "trust": 1.8, "value": "HIGH" }, { "author": "cve@mitre.org", "id": "CVE-2021-29068", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-202103-1360", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-29068", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-29068" }, { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "NVD", "id": "CVE-2021-29068" }, { "db": "NVD", "id": "CVE-2021-29068" }, { "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50", "sources": [ { "db": "NVD", "id": "CVE-2021-29068" }, { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "VULMON", "id": "CVE-2021-29068" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-29068", "trust": 3.3 }, { "db": "JVNDB", "id": "JVNDB-2021-005326", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202103-1360", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-29068", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-29068" }, { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "NVD", "id": "CVE-2021-29068" }, { "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "id": "VAR-202103-1271", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.32033295292682923 }, "last_update_date": "2023-12-18T13:51:35.075000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Post-Authentication\u00a0Buffer\u00a0Overflow\u00a0on\u00a0Some\u00a0Routers,\u00a0Extenders,\u00a0and\u00a0WiFi\u00a0Systems\u00a0,\u00a0PSV-2020-0155", "trust": 0.8, "url": "https://kb.netgear.com/000063021/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-extenders-and-wifi-systems-psv-2020-0155" }, { "title": "Netgear NETGEAR Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=145681" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-120", "trust": 1.0 }, { "problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "NVD", "id": "CVE-2021-29068" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://kb.netgear.com/000063021/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-extenders-and-wifi-systems-psv-2020-0155" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-29068" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/120.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-29068" }, { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "NVD", "id": "CVE-2021-29068" }, { "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2021-29068" }, { "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "db": "NVD", "id": "CVE-2021-29068" }, { "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-03-23T00:00:00", "db": "VULMON", "id": "CVE-2021-29068" }, { "date": "2021-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "date": "2021-03-23T07:15:13.297000", "db": "NVD", "id": "CVE-2021-29068" }, { "date": "2021-03-23T00:00:00", "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-03-27T00:00:00", "db": "VULMON", "id": "CVE-2021-29068" }, { "date": "2021-12-13T01:53:00", "db": "JVNDB", "id": "JVNDB-2021-005326" }, { "date": "2021-03-27T01:23:02.573000", "db": "NVD", "id": "CVE-2021-29068" }, { "date": "2021-03-30T00:00:00", "db": "CNNVD", "id": "CNNVD-202103-1360" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202103-1360" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0NETGEAR\u00a0 Classic buffer overflow vulnerability in device", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-005326" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202103-1360" } ], "trust": 0.6 } }
var-202103-0948
Vulnerability from variot
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. NETGEAR R7800 There is a certificate validation vulnerability in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-12362 Was numbered.Information may be tampered with. Netgear NETGEAR R7800 is a wireless router from Netgear
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0948", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "r7800", "scope": null, "trust": 1.3, "vendor": "netgear", "version": null }, { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "ex6150v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br500", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6250", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6410", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6420", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6100v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "d7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "NVD", "id": "CVE-2021-27257" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27257" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)", "sources": [ { "db": "ZDI", "id": "ZDI-21-264" } ], "trust": 0.7 }, "cve": "CVE-2021-27257", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 3.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-27257", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Low", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2021-14775", "impactScore": 6.9, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 3.6, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 3.6, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-27257", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2021-27257", "impactScore": 3.6, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27257", "trust": 1.8, "value": "MEDIUM" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27257", "trust": 1.0, "value": "MEDIUM" }, { "author": "ZDI", "id": "CVE-2021-27257", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2021-14775", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202102-1752", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-27257", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "VULMON", "id": "CVE-2021-27257" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "NVD", "id": "CVE-2021-27257" }, { "db": "NVD", "id": "CVE-2021-27257" }, { "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. NETGEAR R7800 There is a certificate validation vulnerability in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-12362 Was numbered.Information may be tampered with. Netgear NETGEAR R7800 is a wireless router from Netgear", "sources": [ { "db": "NVD", "id": "CVE-2021-27257" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "VULMON", "id": "CVE-2021-27257" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27257", "trust": 3.8 }, { "db": "ZDI", "id": "ZDI-21-264", "trust": 3.8 }, { "db": "JVNDB", "id": "JVNDB-2021-004503", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12362", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2021-14775", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202102-1752", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-27257", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "VULMON", "id": "CVE-2021-27257" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "NVD", "id": "CVE-2021-27257" }, { "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "id": "VAR-202103-0948", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2021-14775" } ], "trust": 0.8879507757894738 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2021-14775" } ] }, "last_update_date": "2023-12-18T12:35:08.135000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders", "trust": 1.5, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "Patch for NETGEAR remote code execution vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/251011" }, { "title": "NETGEAR Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=142983" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-295", "trust": 1.0 }, { "problemtype": "Bad certificate verification (CWE-295) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "NVD", "id": "CVE-2021-27257" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.8, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-264/" }, { "trust": 2.4, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27257" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/295.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "VULMON", "id": "CVE-2021-27257" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "NVD", "id": "CVE-2021-27257" }, { "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-264" }, { "db": "CNVD", "id": "CNVD-2021-14775" }, { "db": "VULMON", "id": "CVE-2021-27257" }, { "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "db": "NVD", "id": "CVE-2021-27257" }, { "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-26T00:00:00", "db": "ZDI", "id": "ZDI-21-264" }, { "date": "2021-03-06T00:00:00", "db": "CNVD", "id": "CNVD-2021-14775" }, { "date": "2021-03-05T00:00:00", "db": "VULMON", "id": "CVE-2021-27257" }, { "date": "2021-11-24T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "date": "2021-03-05T20:15:12.660000", "db": "NVD", "id": "CVE-2021-27257" }, { "date": "2021-02-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-06-29T00:00:00", "db": "ZDI", "id": "ZDI-21-264" }, { "date": "2021-03-07T00:00:00", "db": "CNVD", "id": "CNVD-2021-14775" }, { "date": "2021-03-17T00:00:00", "db": "VULMON", "id": "CVE-2021-27257" }, { "date": "2021-11-24T03:20:00", "db": "JVNDB", "id": "JVNDB-2021-004503" }, { "date": "2021-03-17T14:04:45.537000", "db": "NVD", "id": "CVE-2021-27257" }, { "date": "2021-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1752" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1752" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0R7800\u00a0 Firmware validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004503" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "trust management problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1752" } ], "trust": 0.6 } }
var-202103-0946
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. Zero Day Initiative To this vulnerability ZDI-CAN-12360 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0946", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "ex6150v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6100v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "d7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6250", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6420", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6410", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br500", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-263" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "NVD", "id": "CVE-2021-27255" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27255" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "STARLabs", "sources": [ { "db": "ZDI", "id": "ZDI-21-263" } ], "trust": 0.7 }, "cve": "CVE-2021-27255", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 8.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2021-27255", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-27255", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "id": "CVE-2021-27255", "impactScore": 3.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27255", "trust": 1.8, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27255", "trust": 1.0, "value": "MEDIUM" }, { "author": "ZDI", "id": "CVE-2021-27255", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202102-1751", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-263" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "NVD", "id": "CVE-2021-27255" }, { "db": "NVD", "id": "CVE-2021-27255" }, { "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. Zero Day Initiative To this vulnerability ZDI-CAN-12360 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", "sources": [ { "db": "NVD", "id": "CVE-2021-27255" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "ZDI", "id": "ZDI-21-263" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27255", "trust": 3.1 }, { "db": "ZDI", "id": "ZDI-21-263", "trust": 3.1 }, { "db": "JVNDB", "id": "JVNDB-2021-004433", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12360", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202102-1751", "trust": 0.6 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-263" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "NVD", "id": "CVE-2021-27255" }, { "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "id": "VAR-202103-0946", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.28795077578947376 }, "last_update_date": "2023-12-18T13:17:54.436000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders", "trust": 1.5, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "NETGEAR Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=142982" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-263" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-306", "trust": 1.0 }, { "problemtype": "Lack of authentication for important features (CWE-306) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "NVD", "id": "CVE-2021-27255" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-263/" }, { "trust": 2.3, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27255" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-263" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "NVD", "id": "CVE-2021-27255" }, { "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-263" }, { "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "db": "NVD", "id": "CVE-2021-27255" }, { "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-26T00:00:00", "db": "ZDI", "id": "ZDI-21-263" }, { "date": "2021-11-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "date": "2021-03-05T20:15:12.457000", "db": "NVD", "id": "CVE-2021-27255" }, { "date": "2021-02-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-26T00:00:00", "db": "ZDI", "id": "ZDI-21-263" }, { "date": "2021-11-22T05:55:00", "db": "JVNDB", "id": "JVNDB-2021-004433" }, { "date": "2021-03-16T19:31:18.540000", "db": "NVD", "id": "CVE-2021-27255" }, { "date": "2021-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1751" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1751" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0R7800\u00a0 Vulnerability regarding lack of authentication for important functions in firmware", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004433" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "access control error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1751" } ], "trust": 0.6 } }
var-202104-1039
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202104-1039", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "r7800", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "NVD", "id": "CVE-2021-27253" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27253" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ho\\xc3\\xa0ng Th\\xe1\\xba\\xa1ch Nguy\\xe1\\xbb\\x85n, Lucas Tay", "sources": [ { "db": "ZDI", "id": "ZDI-21-249" } ], "trust": 0.7 }, "cve": "CVE-2021-27253", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULMON", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "id": "CVE-2021-27253", "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.1, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2021-27253", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27253", "trust": 1.0, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27253", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2021-27253", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202104-1071", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-27253", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "VULMON", "id": "CVE-2021-27253" }, { "db": "NVD", "id": "CVE-2021-27253" }, { "db": "NVD", "id": "CVE-2021-27253" }, { "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303", "sources": [ { "db": "NVD", "id": "CVE-2021-27253" }, { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "VULMON", "id": "CVE-2021-27253" } ], "trust": 1.62 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27253", "trust": 2.4 }, { "db": "ZDI", "id": "ZDI-21-249", "trust": 2.4 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12303", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202104-1071", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-27253", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "VULMON", "id": "CVE-2021-27253" }, { "db": "NVD", "id": "CVE-2021-27253" }, { "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "id": "VAR-202104-1039", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.27871401555555564 }, "last_update_date": "2023-12-18T12:35:06.645000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "NETGEAR has issued an update to correct this vulnerability.", "trust": 0.7, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "Netgear NETGEAR Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=148415" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27253" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.8, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-249/" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27253" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/787.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "VULMON", "id": "CVE-2021-27253" }, { "db": "NVD", "id": "CVE-2021-27253" }, { "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-249" }, { "db": "VULMON", "id": "CVE-2021-27253" }, { "db": "NVD", "id": "CVE-2021-27253" }, { "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-24T00:00:00", "db": "ZDI", "id": "ZDI-21-249" }, { "date": "2021-04-14T00:00:00", "db": "VULMON", "id": "CVE-2021-27253" }, { "date": "2021-04-14T16:15:13.797000", "db": "NVD", "id": "CVE-2021-27253" }, { "date": "2021-04-14T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-24T00:00:00", "db": "ZDI", "id": "ZDI-21-249" }, { "date": "2021-04-23T00:00:00", "db": "VULMON", "id": "CVE-2021-27253" }, { "date": "2021-04-23T16:29:33.937000", "db": "NVD", "id": "CVE-2021-27253" }, { "date": "2021-04-25T00:00:00", "db": "CNNVD", "id": "CNNVD-202104-1071" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-1071" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "(Pwn2Own) NETGEAR Nighthawk R7800 Heap-based Buffer Overflow Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-21-249" } ], "trust": 0.7 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202104-1071" } ], "trust": 0.6 } }
var-202103-0947
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12355 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-0947", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "rbr40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "ex7700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.216" }, { "model": "br200", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex6400v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "xr450", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbk15", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk53", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk13", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "d7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.60" }, { "model": "br500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "5.10.0.5" }, { "model": "ex7300", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "ex7300v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6150v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "rbk12", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex7320", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6100v2", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.98" }, { "model": "xr500", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.3.2.114" }, { "model": "rbs20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk23", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6410", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "ex6250", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "rbk20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbs10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbs50y", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "lbr20", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.3.50" }, { "model": "xr700", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.38" }, { "model": "rbs40", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk14", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex8000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.1.232" }, { "model": "ex6420", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.0.134" }, { "model": "r7800", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.80" }, { "model": "rbk50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "ex6400", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.2.158" }, { "model": "r8900", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "rbk43", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr10", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbr50", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.7.2.104" }, { "model": "rbk43s", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "rbk44", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "2.6.2.104" }, { "model": "r9000", "scope": "lt", "trust": 1.0, "vendor": "netgear", "version": "1.0.5.28" }, { "model": "ex6150v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6100v2", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "d7800", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br200", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6250", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6420", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6410", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "ex6400", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "br500", "scope": null, "trust": 0.8, "vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2", "version": null }, { "model": "r7800", "scope": null, "trust": 0.7, "vendor": "netgear", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "NVD", "id": "CVE-2021-27256" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-27256" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "takeshi", "sources": [ { "db": "ZDI", "id": "ZDI-21-262" } ], "trust": 0.7 }, "cve": "CVE-2021-27256", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 6.5, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 8.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2021-27256", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "zdi-disclosures@trendmicro.com", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2021-27256", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2021-27256", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "NONE", "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-27256", "trust": 1.8, "value": "HIGH" }, { "author": "zdi-disclosures@trendmicro.com", "id": "CVE-2021-27256", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2021-27256", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202102-1749", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2021-27256", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "VULMON", "id": "CVE-2021-27256" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "CNNVD", "id": "CNNVD-202102-1749" }, { "db": "NVD", "id": "CVE-2021-27256" }, { "db": "NVD", "id": "CVE-2021-27256" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12355 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", "sources": [ { "db": "NVD", "id": "CVE-2021-27256" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "VULMON", "id": "CVE-2021-27256" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-27256", "trust": 3.2 }, { "db": "ZDI", "id": "ZDI-21-262", "trust": 3.2 }, { "db": "JVNDB", "id": "JVNDB-2021-004431", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-12355", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202102-1749", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-27256", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "VULMON", "id": "CVE-2021-27256" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "CNNVD", "id": "CNNVD-202102-1749" }, { "db": "NVD", "id": "CVE-2021-27256" } ] }, "id": "VAR-202103-0947", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.28795077578947376 }, "last_update_date": "2024-02-06T22:54:55.671000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders", "trust": 1.5, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "title": "NETGEAR Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=142980" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "CNNVD", "id": "CNNVD-202102-1749" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-78", "trust": 1.0 }, { "problemtype": "OS Command injection (CWE-78) [ Other ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "NVD", "id": "CVE-2021-27256" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.2, "url": "https://www.zerodayinitiative.com/advisories/zdi-21-262/" }, { "trust": 2.4, "url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27256" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/78.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "VULMON", "id": "CVE-2021-27256" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "CNNVD", "id": "CNNVD-202102-1749" }, { "db": "NVD", "id": "CVE-2021-27256" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-21-262" }, { "db": "VULMON", "id": "CVE-2021-27256" }, { "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "db": "CNNVD", "id": "CNNVD-202102-1749" }, { "db": "NVD", "id": "CVE-2021-27256" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-26T00:00:00", "db": "ZDI", "id": "ZDI-21-262" }, { "date": "2021-03-05T00:00:00", "db": "VULMON", "id": "CVE-2021-27256" }, { "date": "2021-11-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "date": "2021-02-26T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1749" }, { "date": "2021-03-05T20:15:12.550000", "db": "NVD", "id": "CVE-2021-27256" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-02-26T00:00:00", "db": "ZDI", "id": "ZDI-21-262" }, { "date": "2021-03-16T00:00:00", "db": "VULMON", "id": "CVE-2021-27256" }, { "date": "2021-11-22T05:39:00", "db": "JVNDB", "id": "JVNDB-2021-004431" }, { "date": "2021-03-19T00:00:00", "db": "CNNVD", "id": "CNNVD-202102-1749" }, { "date": "2021-03-16T19:35:09.947000", "db": "NVD", "id": "CVE-2021-27256" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1749" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "NETGEAR\u00a0R7800\u00a0 In firmware \u00a0OS\u00a0 Command injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-004431" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "operating system commend injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-202102-1749" } ], "trust": 0.6 } }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "597D1ED8-FE6A-4325-83AB-5CA544CFA1AF", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5828F04B-E373-4E4F-942D-08CCA038418C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5882095F-B22A-4937-BA08-6640140F10AE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A88D2A3-3B22-4639-94E9-69CE80F37392", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red omitir una autenticaci\u00f3n en instalaciones afectadas de NETGEAR R7800.\u0026#xa0;No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del endpoint apply_save.cgi.\u0026#xa0;Este problema resulta del uso de una clave de cifrado embebida.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el contexto de root.\u0026#xa0;Era ZDI-CAN-12287" } ], "id": "CVE-2021-27254", "lastModified": "2024-11-21T05:57:41.790", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-05T20:15:12.317", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-252/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-252/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-259" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-798" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", "matchCriteriaId": "88DD070C-7CBD-48A5-8D77-7C3D1C502D65", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EF79426-64C8-4FAB-A199-AB7CB82FCD53", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", "matchCriteriaId": "49846803-C6FB-4DD3-ADA7-78B9923536F2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", "matchCriteriaId": "946947C2-E4B2-4984-9233-4D4890E1BE07", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", "matchCriteriaId": "A44B9FAB-7EC4-4B2B-B3E5-A372645AE661", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de NETGEAR Nighthawk R7800.\u0026#xa0;Aunque es requerido autenticaci\u00f3n para explotar esta vulnerabilidad, el mecanismo de autenticaci\u00f3n existente puede ser omitido.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del manejo del par\u00e1metro rc_service proporcionado para el archivo apply_bind.cgi.\u0026#xa0;El problema resulta de una falta de comprobaci\u00f3n apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12303" } ], "id": "CVE-2021-27253", "lastModified": "2024-11-21T05:57:41.613", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-14T16:15:13.797", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-249/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-249/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-122" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E99E8C5-D88D-409C-8233-944E254D587F", "versionEndExcluding": "1.0.4.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*", "matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B80222E-C65C-4AA5-9399-E2017D844117", "versionEndExcluding": "1.0.4.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6400:v2:*:*:*:*:*:*:*", "matchCriteriaId": "52AE9AD2-BC8D-477D-A3D3-891AE52FA5F3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D208F2CA-DB20-4C82-8FFF-B99EBFE29713", "versionEndExcluding": "1.0.11.106", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7000:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5A29C8A-71C1-477F-9D17-CD2E74784BB8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "61DE3850-1661-43D1-9E52-31E2E01979EE", "versionEndExcluding": "1.3.2.124", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6900p:*:*:*:*:*:*:*:*", "matchCriteriaId": "3524A509-D0CF-40EB-93FE-9538169CEF53", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C6F506A-464D-4BDE-8F9B-D537D3C7E137", "versionEndExcluding": "1.3.2.124", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7000p:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DC381A4-BDC7-4F40-AD68-F9EEE5370AC1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9800CB2-C14A-406B-B1FF-B1B62862EBDB", "versionEndExcluding": "1.0.4.26", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7900:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F35362B-CF27-4C04-AD15-8579F1F6B949", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7850_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4171EB00-3664-43D5-9B62-A3538C358142", "versionEndExcluding": "1.0.5.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7850:*:*:*:*:*:*:*:*", "matchCriteriaId": "7780F243-8E08-4E1F-A819-24386B05F817", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F030129E-95C6-4C31-92A6-DABCDC1B534B", "versionEndExcluding": "1.0.4.58", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8000:*:*:*:*:*:*:*:*", "matchCriteriaId": "41BA56D3-4429-43DA-9988-A83CC92D323D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rs400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "921A8CFC-D86E-4674-998E-31F4F956B5DC", "versionEndExcluding": "1.5.0.48", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rs400:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE56058F-FE7A-43D3-A362-2043B74FAE81", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "478CE991-5E30-438D-94B0-0E15A29E27BD", "versionEndExcluding": "1.0.1.62", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6400:*:*:*:*:*:*:*:*", "matchCriteriaId": "09DF14C8-CE32-47AB-B087-D8D6C84C8F98", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "19D625E4-17F4-44EF-9A51-DA0BAD4835F2", "versionEndExcluding": "1.0.2.16", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6700:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0D05E55-6C70-419A-9A5D-D89AA8F19499", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1D59AC0-2859-46C0-B050-3BB8E3E9CB06", "versionEndExcluding": "1.0.2.16", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6900:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5B64473-5409-419B-967A-E4D7922D7010", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:mk60_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "99DA73AE-E82E-4886-9237-291B6B32BE9E", "versionEndExcluding": "1.0.5.102", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:mk60:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2581D68-BF67-43E9-9465-A510DC80C236", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E18CCBB-46CD-423D-AA66-36F223EFD6E6", "versionEndExcluding": "1.0.5.102", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:mr60:*:*:*:*:*:*:*:*", "matchCriteriaId": "D651DEF9-CC2F-4ADB-9FEE-5C43A8366A75", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "07A1D7A9-29E9-4B1D-90DB-24E0967C9BC7", "versionEndExcluding": "1.0.5.102", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ms60:*:*:*:*:*:*:*:*", "matchCriteriaId": "7467498D-EEFE-4B57-8031-B9F99751D556", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B05686E-7206-4E3B-BDBD-05C8EA6CABB5", "versionEndExcluding": "2.5.0.10", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:cbr40:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACAD2041-9A20-444A-BB81-8764610D6F00", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B377E02-0228-4A2F-90F3-A82E7E964B37", "versionEndExcluding": "1.4.1.62", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8000p:*:*:*:*:*:*:*:*", "matchCriteriaId": "2982807D-D17B-49B8-B0D7-80662EDFC306", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7960p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA8D0327-0A72-44EC-9CC2-6CAF6A0C08B2", "versionEndExcluding": "1.4.1.62", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7960p:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C64BD39-F245-47DB-981D-36613AD40BFF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "44537647-E0B2-477D-98A5-7EA850BF3321", "versionEndExcluding": "1.4.1.62", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7900p:*:*:*:*:*:*:*:*", "matchCriteriaId": "67C27B00-2FD3-4AE9-90B7-AEFA2631C9E4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC5225D5-96AD-43EE-BAA3-37B7FEF97E86", "versionEndExcluding": "1.0.1.64", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax15:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DED03C1-00A1-49B3-BD19-DCCC489E7FE2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33505A97-35DB-4EFD-9D47-EA03057C8FFD", "versionEndExcluding": "1.0.1.64", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax20:*:*:*:*:*:*:*:*", "matchCriteriaId": "B881D3AF-6D5B-4AC9-BB36-E673D88BDC54", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADDF0077-E02C-4DDA-A84E-DF3A0237FC66", "versionEndExcluding": "1.0.3.102", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax75:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCF91BA6-DF2A-4121-9246-83C6DAA89C11", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "81DF924F-FDA4-4588-B8A3-6F18ABBD4976", "versionEndExcluding": "1.0.3.102", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax80:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4EAEF0F-DCED-4ECC-B8DF-4E91AA030D8E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "49D5D1E8-637A-4970-8753-6A3FCA8FAC64", "versionEndExcluding": "1.0.2.102", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax200:*:*:*:*:*:*:*:*", "matchCriteriaId": "497D21B1-4F55-408F-8D05-18B2B9F55291", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A3B894E-E712-477A-9960-30AFAB2C35CF", "versionEndExcluding": "1.0.2.64", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax45:*:*:*:*:*:*:*:*", "matchCriteriaId": "80FD45DF-A29E-46C7-99DC-09EE74F5A276", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A71AE85C-74C4-42C1-BF54-89B6EC38C707", "versionEndExcluding": "1.0.2.64", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax50:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DA6A42-4064-4884-9D8C-7273CA8F0498", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B59B0C17-2714-48E8-8911-E72488CE32E3", "versionEndExcluding": "1.0.0.68", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7500:*:*:*:*:*:*:*:*", "matchCriteriaId": "111905EF-0E9E-4321-837F-D7E7C146E9FF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:eax80_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7EE6BC6-DEDA-4005-9E29-D66D0BC7E5C2", "versionEndExcluding": "1.0.1.62", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:eax80:*:*:*:*:*:*:*:*", "matchCriteriaId": "06EC4DE7-7424-4D7C-9979-88C58CBB0978", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "62EFA314-85C0-48CC-938E-E2BF42B16746", "versionEndExcluding": "1.0.0.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:eax20:*:*:*:*:*:*:*:*", "matchCriteriaId": "24022452-B0A3-4101-875A-46D0B5E60D48", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDD03FFF-ECAF-4527-A195-559DF479A0F2", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk752:*:*:*:*:*:*:*:*", "matchCriteriaId": "31427F8E-7D14-4DE1-AF03-7487073040B1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E391711-0D34-4CBB-9022-BF809C435616", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk753:*:*:*:*:*:*:*:*", "matchCriteriaId": "57204B6D-6D87-4616-91ED-446894C24A3A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C348EA7B-1226-4745-9961-A5B253BE8235", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk753s:*:*:*:*:*:*:*:*", "matchCriteriaId": "DFFAC263-BF84-404C-9A4F-BF9D1D4134E5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85D95CCB-7E4A-4CA5-A503-FB79DBC08DDE", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk754:*:*:*:*:*:*:*:*", "matchCriteriaId": "2731D467-A9C2-4801-9D41-BBECF0F4C585", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr750:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6CB2B42-ADFE-42A7-8A9D-B5C2ED6F2E7F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C144D71-6C10-44CD-BFF9-907A92F0432C", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs750:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB5309A5-3F84-46F4-BB50-754E9C52FA88", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B66A716A-7EC5-4F9B-853A-36C0D1AA3BFE", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk852:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B06308A-9862-4B1E-A100-B9A8B47311B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "02781FF1-A884-44D3-8364-FF8371D47FCA", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk853:*:*:*:*:*:*:*:*", "matchCriteriaId": "530F895F-0061-441F-A2BD-CC51A8C13BE5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FAA417FF-DB33-477B-9D73-003CE56C5D78", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk854:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9217A7B-0410-4E57-BD91-8E20237FB52B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE13548D-0A26-45C1-8424-D4705EB105EA", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr850:*:*:*:*:*:*:*:*", "matchCriteriaId": "A77C093D-AF25-4757-880C-698A7902D507", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "041D94DE-78C9-475C-9FAE-0B081C69B55F", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs850:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A92FEE8-77A2-49DE-BCF7-9416F64E5F28", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk842_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5C6DF5F-FEFB-4A30-87CC-379E726AE181", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk842:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AC8A705-F376-4B1F-B5AD-024CE43EB997", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr840_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "451C5603-927A-4EB9-BF9D-150FE16A48F8", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr840:*:*:*:*:*:*:*:*", "matchCriteriaId": "057CD043-7ACD-4284-9CC0-171F437B1501", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs840_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B22B149-BD16-42A0-BB1D-DEF483F6B5E1", "versionEndExcluding": "3.2.16.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs840:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D633C05-5C85-490D-8692-BBA04C36F450", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F898DC9-9250-47DF-844C-F7308365135B", "versionEndExcluding": "1.0.0.70", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6120:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1B44D10-8A75-4643-8937-9157C7C1014D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0754CB8B-A9D4-4444-8426-E1DDBBD2A9D1", "versionEndExcluding": "1.0.0.70", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6220:*:*:*:*:*:*:*:*", "matchCriteriaId": "D00B9746-B4B1-4473-8417-BF1B10831B50", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D35F61B-5E8F-483B-9F31-A312AB8C717F", "versionEndExcluding": "1.0.0.70", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6230:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8C14B49-D069-41E3-94C3-A49E06022D60", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "23D4F7E6-C042-434E-87B8-55DB18B08B0A", "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6260:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E2353F3-A93F-4477-9E2E-4E23EAA5F51C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6850_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3408536D-FC77-48C5-AD15-C5A170D7417C", "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6850:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4F77BFF-3640-4906-ABCF-E3C6945050E3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6350_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F105F6F-ECD3-411D-924E-94BCF036C1EA", "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6350:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B54BEAD-CF85-48AB-87EE-F09FAAF1F3D6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6330_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6524B85E-23AC-4983-8331-96E12899B773", "versionEndExcluding": "1.1.0.76", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6330:*:*:*:*:*:*:*:*", "matchCriteriaId": "D552EC52-5DB8-45BF-BD1B-0554FCEBCD24", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACEAC1F2-EEAE-4880-B6C0-FFAAA29685F1", "versionEndExcluding": "1.0.1.58", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C82317F-0843-4B4F-9FE0-8A44BA651D26", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0E3BFCB-BFF8-4722-BE48-5FA93CACD3AD", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:*:*:*:*:*:*:*:*", "matchCriteriaId": "4660355E-74B6-40E5-86E0-3BA55589C557", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "39D6318D-F5A2-4469-B508-075F2825F0FA", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D9688E5-D944-437C-81AC-03CA64087DC3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F44708A-C946-4E0F-9D6C-A91AFB4C9EF3", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:*:*:*:*:*:*:*:*", "matchCriteriaId": "00C4E1D7-94CB-4A0B-9E74-89880CBFF11C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AAC56D3D-B697-4C9D-ADBB-A45845A3B5D4", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:*:*:*:*:*:*:*:*", "matchCriteriaId": "AADEEDB6-C8F5-41D3-93C8-AB94605554C9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E21623E-9977-486F-93B1-858FC407E9D1", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:*:*:*:*:*:*:*:*", "matchCriteriaId": "5428D4B4-DEEC-4A14-BF24-EB480A614FA8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A32769CF-7D0A-4A3F-AF20-6202CA0C6870", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:*:*:*:*:*:*:*:*", "matchCriteriaId": "772CF322-9944-4243-BFBB-8F133AE5A373", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "675E9C59-D39B-47B0-ABEC-32D548650AB7", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:*:*:*:*:*:*:*:*", "matchCriteriaId": "752FA3EA-C87D-4402-ACFF-11E1DE15501B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1612C65-9BA0-4CAF-93B3-D528287B0790", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE1E01AE-DE82-4F20-BCFB-E5A48CCE28AA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "04F03BE5-1440-4BC4-B902-97E702ED0ADF", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:*:*:*:*:*:*:*:*", "matchCriteriaId": "B12E8664-5D49-4377-A8C4-175F15E94083", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EC30751-F447-45A7-8C57-B73042869EA5", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:*:*:*:*:*:*:*:*", "matchCriteriaId": "D26AB2BC-061D-4142-9E37-A22368398876", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E7758BF-0AE4-46DB-A014-734F68AEEAA0", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:*:*:*:*:*:*:*:*", "matchCriteriaId": "52BB59CE-7024-4F7C-B49B-C2444FAA923E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7CD38DB-B4A3-460E-8F89-E85A0E0F5BD3", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0CD88D0-E4F4-4695-A2BE-44758F6CA4C4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E25990D-C38A-44E7-A301-AB9E80A9D5CA", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:*:*:*:*:*:*:*:*", "matchCriteriaId": "87232E4A-7821-4A7A-8D31-67C91DCCA5B2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8246B8D3-8455-43B1-B0FA-F677B8FF84F5", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:*:*:*:*:*:*:*:*", "matchCriteriaId": "69E984D9-C35E-4925-A3C3-695BCEF56C75", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "28DA498C-B466-422E-BAD2-A1F9A15B157F", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0242C44-637E-4984-B830-9148E265E74B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8956A99-1071-42A7-8984-D7134E755CBF", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6800:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F3127F5-9624-4002-B8F8-D76A01676ADA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A660042D-27F6-4110-AB03-BCAFAC194557", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6900:v2:*:*:*:*:*:*:*", "matchCriteriaId": "2E8EB69B-6619-47B6-A073-D0B840D4EB0B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFA2C5B9-92C2-4E70-B166-87AD9973F80E", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r6700:v2:*:*:*:*:*:*:*", "matchCriteriaId": "9F9706E6-CA53-43E4-91B0-D52655C86860", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "02279B20-D951-46CE-B339-452BC585A4F3", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7200:*:*:*:*:*:*:*:*", "matchCriteriaId": "E330A8C5-1D91-4743-A35C-430CB5EAA0A2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7350_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B452611A-43C5-401B-95BD-189020B5C65C", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7350:*:*:*:*:*:*:*:*", "matchCriteriaId": "F27FB281-6C22-45E6-A3A1-DE90C3F2B608", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237C68C0-C2A9-4F71-9E08-547F2A317CBC", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7400:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE8F6B4F-5995-40A4-89B4-325BACA086A2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "63697E3A-AAA3-42E7-8116-93C6548D3AB7", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7450:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB5E5161-10A9-41A9-9FC4-9A5F6B4536AA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C1280B1-A2DF-4CAB-AB19-6B463206AA3D", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ac2100:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDFA0025-8657-4A20-A282-D1034D8BBEF3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "76C658A4-BF82-40CE-A5E1-C9F3DA1A9B0B", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ac2400:*:*:*:*:*:*:*:*", "matchCriteriaId": "710011A1-F633-4B5D-9C09-04E518C71DE9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A3A6655-B468-46FB-84D7-2294D4243C91", "versionEndExcluding": "1.2.0.72", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ac2600:*:*:*:*:*:*:*:*", "matchCriteriaId": "474A7CEB-7133-40FA-8FC5-BC85D712DABF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C393DBF4-8281-4611-B591-CDB9DF0AA958", "versionEndExcluding": "1.0.2.74", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:*:*:*:*:*:*:*:*", "matchCriteriaId": "01CF301B-9DF5-4960-BD62-06E56EDF1031", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "57314D03-64B1-4973-9D36-5D22A71DBCBB", "versionEndExcluding": "1.0.5.24", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CD4841B-0F5C-4B7B-9764-F37605BF7AD9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0DCE56F2-5A45-4B31-99EF-1D8455C71E5C", "versionEndExcluding": "1.0.5.24", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4AAEB70-4F97-4044-B897-86020787DE01", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B697A877-214C-4701-AA9B-FE9C23FDBCEB", "versionEndExcluding": "1.0.1.136", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rax120:*:*:*:*:*:*:*:*", "matchCriteriaId": "B302272A-8BCE-47B7-B7DB-026B22A39367", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "051E8D2A-0EB0-43A7-9AAA-8519B8CC7FE0", "versionEndExcluding": "2.3.2.66", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA83AEEB-FBEB-40A9-9F61-814596C00922", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BCFB551-95C6-4EEF-83F0-4246F67E6668", "versionEndExcluding": "2.3.2.66", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F284951-6DAA-4AA4-A189-44CDB44878A5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89AB672D-DD24-483E-B69D-7E46AF199483", "versionEndExcluding": "1.0.1.34", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AF919EF-8893-4E1A-A854-3FB932682504", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D71EDB94-370B-46C3-A14E-3F3FB130DD49", "versionEndExcluding": "1.0.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr300:*:*:*:*:*:*:*:*", "matchCriteriaId": "AED2DE10-EC70-4A50-9C17-2C02569BD149", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50." }, { "lang": "es", "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta al R6700v3 versiones anteriores a 1.0.4.98, al R6400v2 versiones anteriores a 1.0.4.98, al R7000 versiones anteriores a 1.0.11.106, al R6900P versiones anteriores a 1.3.2.124, al R7000P versiones anteriores a 1.3.2.124, al R7900 versiones anteriores a 1.0.4.26, al R7850 versiones anteriores a 1.0.5.60, al R8000 versiones anteriores a 1.0.4.58, al RS400 versiones anteriores a 1.5.0.48, al R6400 versiones anteriores a 1.0.1. 62, R6700 versiones anteriores a 1.0.2.16, R6900 versiones anteriores a 1.0.2.16, MK60 versiones anteriores a 1.0.5.102, MR60 versiones anteriores a 1.0.5.102, MS60 versiones anteriores a 1.0.5.102, CBR40 versiones anteriores a 2.5.0.10, R8000P versiones anteriores a 1.4.1.62, R7960P versiones anteriores a 1.4.1.62, R7900P versiones anteriores a 1.4.1.62, RAX15 versiones anteriores a 1.0.1.64, RAX20 versiones anteriores a 1. 0.1.64, RAX75 versiones anteriores a 1.0.3.102, RAX80 versiones anteriores a 1.0.3.102, RAX200 versiones anteriores a 1.0.2.102, RAX45 versiones anteriores a 1.0.2.64, RAX50 versiones anteriores a 1.0.2.64, EX7500 versiones anteriores a 1.0.0.68, EAX80 versiones anteriores a 1.0.1.62, EAX20 versiones anteriores a 1.0.0.36, RBK752 versiones anteriores a 3.2.16.6, RBK753 versiones anteriores a 3.2.16. 6, RBK753S versiones anteriores a 3.2.16.6, RBK754 versiones anteriores a 3.2.16.6, RBR750 versiones anteriores a 3.2.16.6, RBS750 versiones anteriores a 3.2.16.6, RBK852 versiones anteriores a 3.2.16. 6, RBK853 versiones anteriores a 3.2.16.6, RBK854 versiones anteriores a 3.2.16.6, RBR850 versiones anteriores a 3.2.16.6, RBS850 versiones anteriores a 3.2.16.6, RBR840 versiones anteriores a 3.2.16. 6, RBS840 versiones anteriores a 3.2.16.6, R6120 versiones anteriores a 1.0.0.70, R6220 versiones anteriores a 1.1.0.100, R6230 versiones anteriores a 1.1.0.100, R6260 versiones anteriores a 1.1.0.76, R6850 versiones anteriores a 1.1.0.76, R6350 versiones anteriores a 1.1.0.76, R6330 versiones anteriores a 1.1.0.76, D7800 versiones anteriores a 1.0.1.58, RBK50 versiones anteriores a 2.6.1.40, RBR50 versiones anteriores a 2. 6.1.40, RBS50 versiones anteriores a 2.6.1.40, RBK40 versiones anteriores a 2.6.1.36, RBR40 versiones anteriores a 2.6.1.36, RBS40 versiones anteriores a 2.6.1.38, RBK23 versiones anteriores a 2.6.1.36, RBR20 versiones anteriores a 2.6.1.38, RBS20 versiones anteriores a 2.6.1.38, RBK12 versiones anteriores a 2.6.1.44, RBK13 versiones anteriores a 2.6.1.44, RBK14 versiones anteriores a 2.6.1. 44, RBK15 versiones anteriores a 2.6.1.44, RBR10 versiones anteriores a 2.6.1.44, RBS10 versiones anteriores a 2.6.1.44, R6800 versiones anteriores a 1.2.0.72, R6900v2 versiones anteriores a 1.2.0. 72, R6700v2 versiones anteriores a 1.2.0.72, R7200 versiones anteriores a 1.2.0.72, R7350 versiones anteriores a 1.2.0.72, R7400 versiones anteriores a 1.2.0.72, R7450 versiones anteriores a 1.2.0.72, AC2100 versiones anteriores a 1. 2.0.72, AC2400 versiones anteriores a 1.2.0.72, AC2600 versiones anteriores a 1.2.0.72, R7800 versiones anteriores a 1.0.2.74, R8900 versiones anteriores a 1.0.5.24, R9000 versiones anteriores a 1.0.5.24, RAX120 versiones anteriores a 1.0.1.136, XR450 versiones anteriores a 2.3.2.66, XR500 versiones anteriores a 2.3.2.66, XR700 versiones anteriores a 1.0.1.34 y XR300 versiones anteriores a 1.0.3.50" } ], "id": "CVE-2021-29068", "lastModified": "2024-11-21T06:00:38.353", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "cve@mitre.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-23T07:15:13.297", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", "matchCriteriaId": "88DD070C-7CBD-48A5-8D77-7C3D1C502D65", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EF79426-64C8-4FAB-A199-AB7CB82FCD53", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", "matchCriteriaId": "49846803-C6FB-4DD3-ADA7-78B9923536F2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", "matchCriteriaId": "946947C2-E4B2-4984-9233-4D4890E1BE07", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", "matchCriteriaId": "A44B9FAB-7EC4-4B2B-B3E5-A372645AE661", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de NETGEAR R7800 versiones de firmware 1.0.2.76.\u0026#xa0;No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del manejo del c\u00f3digo de operaci\u00f3n DHCP espec\u00edfico del proveedor.\u0026#xa0;El problema resulta de una falta de comprobaci\u00f3n apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12216" } ], "id": "CVE-2021-27252", "lastModified": "2024-11-21T05:57:41.453", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-14T16:15:13.737", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-248/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-248/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "597D1ED8-FE6A-4325-83AB-5CA544CFA1AF", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5828F04B-E373-4E4F-942D-08CCA038418C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5882095F-B22A-4937-BA08-6640140F10AE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A88D2A3-3B22-4639-94E9-69CE80F37392", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en instalaciones afectadas de NETGEAR R7800 versi\u00f3n de firmware 1.0.2.76.\u0026#xa0;Aunque es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad, el mecanismo de autentificaci\u00f3n existente puede ser omitido.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del manejo del par\u00e1metro rc_service proporcionado para el archivo apply_save.cgi.\u0026#xa0;El problema resulta de la falta de comprobaci\u00f3n apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12355" } ], "id": "CVE-2021-27256", "lastModified": "2024-11-21T05:57:42.160", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-05T20:15:12.550", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "597D1ED8-FE6A-4325-83AB-5CA544CFA1AF", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5828F04B-E373-4E4F-942D-08CCA038418C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5882095F-B22A-4937-BA08-6640140F10AE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A88D2A3-3B22-4639-94E9-69CE80F37392", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red comprometer la integridad de la informaci\u00f3n descargada en instalaciones afectadas de NETGEAR R7800 versi\u00f3n de firmware 1.0.2.76.\u0026#xa0;No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad.\u0026#xa0;El fallo espec\u00edfico se presenta dentro de la descarga de archivos por medio de FTP.\u0026#xa0;El problema resulta de la falta de comprobaci\u00f3n apropiada del certificado presentado por el servidor.\u0026#xa0;Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto de root.\u0026#xa0;Era ZDI-CAN-12362" } ], "id": "CVE-2021-27257", "lastModified": "2024-11-21T05:57:42.320", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-05T20:15:12.660", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", "matchCriteriaId": "88DD070C-7CBD-48A5-8D77-7C3D1C502D65", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EF79426-64C8-4FAB-A199-AB7CB82FCD53", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", "matchCriteriaId": "49846803-C6FB-4DD3-ADA7-78B9923536F2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:v2:*:*:*:*:*:*:*", "matchCriteriaId": "946947C2-E4B2-4984-9233-4D4890E1BE07", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:v2:*:*:*:*:*:*:*", "matchCriteriaId": "A44B9FAB-7EC4-4B2B-B3E5-A372645AE661", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de NETGEAR Nighthawk R7800.\u0026#xa0;No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad. Un fallo espec\u00edfico se presenta dentro del manejo de las actualizaciones del firmware.\u0026#xa0;El problema es el resultado de un retroceso a un protocolo no seguro para entregar actualizaciones.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12308" } ], "id": "CVE-2021-27251", "lastModified": "2024-11-21T05:57:41.280", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-14T16:15:13.657", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-247/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-247/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-319" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:cbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DA0F1EB-D7F3-466B-BE3F-0600C4120870", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:cbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "E526746E-1ED6-492E-B28C-A1CA8235D9FD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:cbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1A41A8FB-9891-4553-BD1E-BB11D904D774", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:cbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "582259CB-2616-4A3F-A9B6-C44640C00B11", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C9B6DD4-11E1-496F-909F-0A50203A8D01", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:cbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE0F7E9E-196C-4106-B1C9-C16FA5910A0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFB377D0-AF61-4A9F-B9B5-71F68B13E081", "versionEndExcluding": "1.0.1.82", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*", "matchCriteriaId": "B4F62287-CB55-4FB1-AA39-62018654BA39", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6566C37A-252E-4301-952E-5C6F19F42326", "versionEndExcluding": "1.0.0.210", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "456DA66C-6B99-4D0D-8F32-952905F9C752", "versionEndExcluding": "1.0.1.224", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EC30751-F447-45A7-8C57-B73042869EA5", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2E7758BF-0AE4-46DB-A014-734F68AEEAA0", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7CD38DB-B4A3-460E-8F89-E85A0E0F5BD3", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E25990D-C38A-44E7-A301-AB9E80A9D5CA", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8246B8D3-8455-43B1-B0FA-F677B8FF84F5", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "28DA498C-B466-422E-BAD2-A1F9A15B157F", "versionEndExcluding": "2.6.1.44", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20w_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "78B13562-D83E-4FDB-9EFF-CA9178487F6D", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20w:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCD3D5A1-AD84-448C-9749-6E6050BC7BD5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23w_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AF75EFB-3A9E-49C8-AC78-62E85A565BA5", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23w:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1922BDC-5675-40D6-ACB1-DA37CE29E983", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CC4CE9F-0BE6-411B-88DA-B556BF176A03", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk20_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D00E9E02-41D7-449E-990E-B6D77E257C66", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk22_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBEC1C34-0D1B-4F04-972B-631C5D4C949B", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk22_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "441F02E6-28B8-4370-AFE0-CC0AC7BAE468", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk22:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E1BA765-5318-4A96-885D-3078148A74E4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5679C75-E6C0-42A3-8F0C-AB01E521C654", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk23_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F03405C-03F0-4519-AB67-DF130B2F6A58", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C80BEFF8-7094-4F21-B9E7-EE5C8B9DF3B3", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "04F03BE5-1440-4BC4-B902-97E702ED0ADF", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk30_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C67589C-60B0-4E0C-8A96-B14ACCDA3530", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk30:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC72B028-AB28-43FC-9675-60CC8BAC0D03", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk33_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "728792F6-E1F9-4091-A3B7-E14E38046887", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk33:-:*:*:*:*:*:*:*", "matchCriteriaId": "69EEAF94-1853-49A7-979E-A72393C9D2BE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D0E7860-D090-4292-8695-6ADC62DBBF45", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk40_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "126A1A8E-6D4F-487C-A6C0-D3EB2227373F", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA824C34-9C10-4267-8756-CAB2D6C059E1", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk43_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6AE23B04-F203-43A4-AEFB-7B97C27AE8D9", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "90F559B5-D5B4-4A64-8739-9A085A648A3E", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk43s_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1BEB1817-8191-407B-97B2-3D93BCCB4184", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "71232620-E9DE-4227-B531-685BB33BF3AC", "versionEndExcluding": "2.6.1.36", "vulnerable": true }, { "criteria": "cpe:2.3:o:netgear:rbk44_satellite_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "08102CF5-1CB9-4839-84F9-54233F4B1F09", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E21623E-9977-486F-93B1-858FC407E9D1", "versionEndExcluding": "2.6.1.36", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A32769CF-7D0A-4A3F-AF20-6202CA0C6870", "versionEndExcluding": "2.6.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0E3BFCB-BFF8-4722-BE48-5FA93CACD3AD", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50v_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5540756-07E2-463E-8B45-87A1FEEE0B1D", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50v:-:*:*:*:*:*:*:*", "matchCriteriaId": "54453B5D-4E51-4DAB-8670-5A99C0D4CE3E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk52w_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "426AA184-3B9E-42AF-85E2-F034D7E9B845", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk52w:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6FABBC7-5C16-4630-8185-AADF3A9D6E69", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "39D6318D-F5A2-4469-B508-075F2825F0FA", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F44708A-C946-4E0F-9D6C-A91AFB4C9EF3", "versionEndExcluding": "2.6.1.40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de los enrutadores NETGEAR Orbi versi\u00f3n 2.5.1.16. No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad. El fallo espec\u00edfico se presenta dentro de la utilidad UA_Parser. Una opci\u00f3n de nombre de host dise\u00f1ada en una petici\u00f3n DHCP puede desencadenar la ejecuci\u00f3n de una llamada de sistema compuesta a partir de una cadena suministrada por el usuario. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root. Era ZDI-CAN-11076" } ], "id": "CVE-2020-27861", "lastModified": "2024-11-21T05:21:57.107", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-02-12T00:15:12.500", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Vendor Advisory" ], "url": "https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1430/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-Systems" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1430/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9680E98E-021B-4C71-AAA0-AEF49C6AD95F", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED01605-09B9-417E-AE6F-1F62888A0C93", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89EDAF30-2238-495C-920F-F32CC17C046B", "versionEndExcluding": "5.10.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*", "matchCriteriaId": "261C0D85-C951-4F0C-B9C4-0E42B15834EE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53C5C134-0778-4098-B8B4-F9589516C297", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "597D1ED8-FE6A-4325-83AB-5CA544CFA1AF", "versionEndExcluding": "1.0.1.98", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5828F04B-E373-4E4F-942D-08CCA038418C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A60E332-CA18-4617-B7C1-4BE82470DE34", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "208CF907-B3ED-4A7D-BA5B-16A00F44683D", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "5882095F-B22A-4937-BA08-6640140F10AE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74ED019D-C07A-44BE-BD3E-30885C748DDA", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "34EB68F4-B710-47C9-A01B-A6361B185A19", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "374F6EAA-A607-4A8F-BA86-EA770BA99189", "versionEndExcluding": "1.0.2.158", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E02DD6E2-3A3E-4857-9761-1B40FFA4E755", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A88D2A3-3B22-4639-94E9-69CE80F37392", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53DAB63-389B-4B73-8F75-231320DC71C8", "versionEndExcluding": "1.0.0.134", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8DC1B77-994C-473C-AC97-7CC06341C607", "versionEndExcluding": "1.0.0.216", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4F00B47-FFC8-4D45-B49E-8347504A9A4C", "versionEndExcluding": "1.0.1.232", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D9781C9-799A-4BDA-A027-987627A01633", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C80013-2E0F-459F-BE08-18D60B109AC0", "versionEndExcluding": "2.6.3.50", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A43D307-64B1-46BF-8237-75518D1703CC", "versionEndExcluding": "1.0.2.80", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01F57C27-EB5A-4F3E-ADF7-684DF8860DA2", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F67B805-17B5-4053-8399-0AFB2EF6E1D4", "versionEndExcluding": "1.0.5.28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2135FFEC-0437-43C6-B146-3EF43E1B007B", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5465A78-4826-4F72-9CBE-528CBF286A79", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A413E57-A780-486E-AF85-EE460C99D696", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*", "matchCriteriaId": "783EEEE0-BB9A-4C54-82B2-046B1033091C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E19C965E-FA8D-4B42-BCB1-23788621DF45", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*", "matchCriteriaId": "B801EC38-5B86-49F2-AB81-63F0F07A9BBE", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA4BD93-AE89-4506-936F-26C605685193", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "33146BAB-5A18-4A1F-BDD8-3BB33200CDB2", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*", "matchCriteriaId": "17D7D346-6F52-4473-A4EA-6059C177BF0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "85AD5F45-F940-4FB5-B4D4-E44D816A3449", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "564B0FDF-7159-42EA-9CAA-BEF791274915", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC2B9C48-9FE6-462B-88EE-046F15E66430", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "998C6A17-5ADC-47F1-AF63-9B425143C086", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A5604E66-E9CC-4B78-AF6A-2341B30E3594", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "252643DB-46F7-41E9-96E0-0669DD486E5F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*", "matchCriteriaId": "1924FC8B-4031-4EA3-B214-AF6F77D94654", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FBFA62B-2EBC-426A-98DC-235879902E72", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA66D07-D017-49D6-8E72-5C48E940DE1B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "66034CFD-1303-4B90-AF70-18B7EDBEFE32", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF03B2BB-34BB-4A0D-81CD-1841E524F885", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "237758B3-C096-465F-95C4-EB3F9835D91F", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DADAA79-9A5C-4B6F-A58D-704ACD1C3334", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217B0E6E-BCC9-4D12-ADD4-E2C65323018B", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8E13FC6-D0BF-4674-8A3B-FF5D81B15059", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "82504AE8-4D6F-4A49-A611-FBFB303CD237", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "41B066B3-37CD-4839-909B-A8EC636E5F11", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*", "matchCriteriaId": "32BAB5C0-F645-4A90-833F-6345335FA1AF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CED8944-D61A-4FDA-A9DB-76CBED16F338", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA", "versionEndExcluding": "2.7.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", "matchCriteriaId": "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "56489CFF-D34F-4C66-B69B-FB2CE4333D75", "versionEndExcluding": "2.6.2.104", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", "matchCriteriaId": "27F93A76-6EFF-4DA6-9129-4792E2C125D4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF01111F-8A37-4366-A63E-210E6CE0DB0E", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", "matchCriteriaId": "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4476F0C6-0A7D-4735-940C-F5C75316EEE9", "versionEndExcluding": "2.3.2.114", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D92A0CE-769D-402F-8FD7-BDD8DF247CFD", "versionEndExcluding": "1.0.1.38", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", "matchCriteriaId": "E12892C8-5E01-49A6-BF47-09D630377093", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360." }, { "lang": "es", "value": "Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en instalaciones afectadas de NETGEAR R7800 versi\u00f3n de firmware 1.0.2.76.\u0026#xa0;No es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del endpoint refresh_status.aspx.\u0026#xa0;El problema resulta de la falta de autenticaci\u00f3n necesaria para iniciar un servicio en el servidor.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12360" } ], "id": "CVE-2021-27255", "lastModified": "2024-11-21T05:57:41.983", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-03-05T20:15:12.457", "references": [ { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "zdi-disclosures@trendmicro.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-263/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-263/" } ], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-306" } ], "source": "zdi-disclosures@trendmicro.com", "type": "Primary" } ] }