Vulnerabilites related to netgear - wn3000rpv2
var-202012-1198
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1198", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dm200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.61", }, { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.62", }, { model: "r6020", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.38", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "ex2700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.52", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "wn3100rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.66", }, { model: "d7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.68", }, { model: "ex6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.140", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "xr500", scope: "eq", trust: 1, vendor: "netgear", version: "2.3.2.32", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r6800", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.0.36", }, { model: "r6230", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.80", }, { model: "d6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.00.32", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "r6900v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.0.36", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "wn3000rpv3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.78", }, { model: "rbk20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r6220", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.80", }, { model: "ex7300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.140", }, { model: "ex8000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.186", }, { model: "ex6150v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.76", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "r6260", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.40", }, { model: "wn2000rptv3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.34", }, { model: "jr6150", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.18", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "ex6100v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.76", }, { model: "r7500v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.40", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "ex6200v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.74", }, { model: "r6120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.46", }, { model: "wnr2020", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.62", }, { model: "d3600", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.76", }, { model: "r6700v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.0.36", }, { model: "r6080", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.38", }, { model: "pr2000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.28", }, { model: "xr450", scope: "eq", trust: 1, vendor: "netgear", version: "2.3.2.32", }, { model: "r6050", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.18", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "rbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "d6000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.078", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.70", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "d6000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6150v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6200v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "dm200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6100v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex2700", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d3600", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "NVD", id: "CVE-2020-35799", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.078", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.00.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.140", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.140", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.186", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.18", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.18", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.80", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.80", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.62", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn2000rptv3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn2000rptv3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3100rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3100rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.62", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr450_firmware:2.3.2.32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:2.3.2.32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-35799", }, ], }, cve: "CVE-2020-35799", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2020-35799", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2020-35799", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-35799", trust: 1.8, value: "CRITICAL", }, { author: "cve@mitre.org", id: "CVE-2020-35799", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202012-1741", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "NVD", id: "CVE-2020-35799", }, { db: "NVD", id: "CVE-2020-35799", }, { db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", sources: [ { db: "NVD", id: "CVE-2020-35799", }, { db: "JVNDB", id: "JVNDB-2020-015015", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-35799", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-015015", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202012-1741", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "NVD", id: "CVE-2020-35799", }, { db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, id: "VAR-202012-1198", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.46301267139534885, }, last_update_date: "2023-12-18T13:27:52.611000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Pre-Authentication Stack Overflow on Some Routers, Range Extenders, and WiFi Systems, PSV-2018-0296", trust: 0.8, url: "https://kb.netgear.com/000062709/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-range-extenders-and-wifi-systems-psv-2018-0296", }, { title: "Certain NETGEAR devices Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=138121", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "NVD", id: "CVE-2020-35799", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://kb.netgear.com/000062709/security-advisory-for-pre-authentication-stack-overflow-on-some-routers-range-extenders-and-wifi-systems-psv-2018-0296", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35799", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "NVD", id: "CVE-2020-35799", }, { db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, { db: "NVD", id: "CVE-2020-35799", }, { db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T00:00:00", db: "JVNDB", id: "JVNDB-2020-015015", }, { date: "2020-12-30T00:15:14.347000", db: "NVD", id: "CVE-2020-35799", }, { date: "2020-12-29T00:00:00", db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T09:06:00", db: "JVNDB", id: "JVNDB-2020-015015", }, { date: "2021-01-04T14:31:43.973000", db: "NVD", id: "CVE-2020-35799", }, { date: "2021-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202012-1741", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202012-1741", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Out-of-bounds write vulnerability in device", sources: [ { db: "JVNDB", id: "JVNDB-2020-015015", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202012-1741", }, ], trust: 0.6, }, }
var-202112-2308
Vulnerability from variot
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, and XR500 prior to 2.3.2.56
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2308", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dm200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.61", }, { model: "r6300v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.34", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r6220", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.100", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "d7000v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.53", }, { model: "d3600", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.72", }, { model: "d7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.74", }, { model: "ex7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.78", }, { model: "ex6130", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.28", }, { model: "r8000p", scope: "lt", trust: 1, vendor: "netgear", version: "1.4.1.50", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "r6900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.6", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "ex3700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.76", }, { model: "r7100lg", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.50", }, { model: "d6000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.72", }, { model: "rbk20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r7900p", scope: "lt", trust: 1, vendor: "netgear", version: "1.4.1.50", }, { model: "d8500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.44", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "wndr3400v3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.24", }, { model: "r7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.9.34", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "d6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.86", }, { model: "r7500v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.40", }, { model: "ex6120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.46", }, { model: "dgn2200v4", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "dgn2200bv4", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.109", }, { model: "r6250", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.34", }, { model: "ex3800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.76", }, { model: "wnr2020", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.62", }, { model: "r6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.46", }, { model: "pr2000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.28", }, { model: "dc112a", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.42", }, { model: "r6700v3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.66", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.56", }, { model: "d6220", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.52", }, { model: "r6230", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.100", }, { model: "r6700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.6", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "rbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.70", }, { model: "r6400v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.66", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "d6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.00.34", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "d8500", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d3600", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "dc112a", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6400", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7000v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6220", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "NVD", id: "CVE-2021-45641", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.00.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.53", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.44", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.42", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dgn2200bv4_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.109", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dgn2200bv4:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.9.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.24", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.62", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-45641", }, ], }, cve: "CVE-2021-45641", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 6.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-45641", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.1, impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-45641", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-45641", trust: 1.8, value: "HIGH", }, { author: "cve@mitre.org", id: "CVE-2021-45641", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202112-2437", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "NVD", id: "CVE-2021-45641", }, { db: "NVD", id: "CVE-2021-45641", }, { db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200Bv4 prior to 1.0.0.109, DGN2200v4 prior to 1.0.0.110, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700v3 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBR20 prior to 2.3.0.28, RBS20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR50 prior to 2.3.0.32, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, and XR500 prior to 2.3.2.56", sources: [ { db: "NVD", id: "CVE-2021-45641", }, { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "VULMON", id: "CVE-2021-45641", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-45641", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-017513", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-2437", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-45641", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-45641", }, { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "NVD", id: "CVE-2021-45641", }, { db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, id: "VAR-202112-2308", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4421111306382981, }, last_update_date: "2023-12-18T12:48:55.722000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Security Misconfiguration on Some Routers, Extenders, and WiFi Systems, PSV-2018-0624", trust: 0.8, url: "https://kb.netgear.com/000064053/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0624", }, { title: "Netgear NETGEAR Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=176675", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "NVD", id: "CVE-2021-45641", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://kb.netgear.com/000064053/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0624", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45641", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-45641", }, { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "NVD", id: "CVE-2021-45641", }, { db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-45641", }, { db: "JVNDB", id: "JVNDB-2021-017513", }, { db: "NVD", id: "CVE-2021-45641", }, { db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-26T00:00:00", db: "VULMON", id: "CVE-2021-45641", }, { date: "2023-01-24T00:00:00", db: "JVNDB", id: "JVNDB-2021-017513", }, { date: "2021-12-26T01:15:19.690000", db: "NVD", id: "CVE-2021-45641", }, { date: "2021-12-26T00:00:00", db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-27T00:00:00", db: "VULMON", id: "CVE-2021-45641", }, { date: "2023-01-24T05:20:00", db: "JVNDB", id: "JVNDB-2021-017513", }, { date: "2022-01-12T14:25:51.273000", db: "NVD", id: "CVE-2021-45641", }, { date: "2022-01-13T00:00:00", db: "CNNVD", id: "CNNVD-202112-2437", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202112-2437", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2021-017513", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202112-2437", }, ], trust: 0.6, }, }
var-202004-0776
Vulnerability from variot
Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 before 2.3.0.22, RBR50 before 2.3.0.22, RBS50 before 2.3.0.22, RBS40 before 2.3.0.22, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0776", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.60", }, { model: "r8900", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.12", }, { model: "r9000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.12", }, { model: "d7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.44", }, { model: "d3600", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.75", }, { model: "d6000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.75", }, { model: "dm200", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.58", }, { model: "rbk20", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "rbr20", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "rbs20", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "rbk50", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "rbr50", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "rbs50", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "rbs40", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.22", }, { model: "r7500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.40", }, { model: "wn3100rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.60", }, { model: "wnr2000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "wndr4500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "wndr4300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.70", }, { model: "d3600", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.75", }, { model: "d6000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.75", }, { model: "d7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.44", }, { model: "dm200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.58", }, { model: "r7500", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.3.34", }, { model: "r7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.60", }, { model: "r8900", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.4.12", }, { model: "r9000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.4.12", }, { model: "rbk20", scope: "eq", trust: 0.8, vendor: "netgear", version: "2.3.0.22", }, { model: "rbr20", scope: "eq", trust: 0.8, vendor: "netgear", version: "2.3.0.22", }, { model: "wn3000rpv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.2.70", }, { model: "wn3000rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3100rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.60", }, { model: "wndr4300v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "wndr4500v3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "r7500v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.3.40", }, { model: "wnr2000v5", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "NVD", id: "CVE-2019-20714", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.75", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.75", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.44", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-20714", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wayne Low of Fortinets FortiGuard Labs", sources: [ { db: "CNNVD", id: "CNNVD-202004-1298", }, ], trust: 0.6, }, cve: "CVE-2019-20714", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", exploitabilityScore: 6.8, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "None", baseScore: 3.5, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2019-015414", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Low", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", exploitabilityScore: 6.8, id: "CNVD-2020-30685", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "LOW", trust: 0.6, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.7, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "cve@mitre.org", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.7, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 4.8, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "JVNDB-2019-015414", impactScore: null, integrityImpact: "Low", privilegesRequired: "High", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-20714", trust: 1, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2019-20714", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2019-015414", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2020-30685", trust: 0.6, value: "LOW", }, { author: "CNNVD", id: "CNNVD-202004-1298", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "NVD", id: "CVE-2019-20714", }, { db: "NVD", id: "CVE-2019-20714", }, { db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.40, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 before 2.3.0.22, RBR50 before 2.3.0.22, RBS50 before 2.3.0.22, RBS40 before 2.3.0.22, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and tampered with. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR DM200 is a wireless modem. The vulnerability stems from the lack of proper verification of client data by WEB applications. Attackers can use this vulnerability to execute client code", sources: [ { db: "NVD", id: "CVE-2019-20714", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "CNVD", id: "CNVD-2020-30685", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-20714", trust: 3, }, { db: "JVNDB", id: "JVNDB-2019-015414", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-30685", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202004-1298", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "NVD", id: "CVE-2019-20714", }, { db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, id: "VAR-202004-0776", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, ], trust: 1.1538842895652173, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, ], }, last_update_date: "2023-12-18T14:00:32.748000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Stored Cross Site Scripting on Some Routers, Gateways, and WiFi System, PSV-2018-0249", trust: 0.8, url: "https://kb.netgear.com/000061214/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-system-psv-2018-0249", }, { title: "Patch for Multiple NETGEAR product cross-site scripting vulnerabilities (CNVD-2020-30685)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/219487", }, { title: "Multiple NETGEAR Fixes for product cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116567", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "NVD", id: "CVE-2019-20714", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20714", }, { trust: 1.6, url: "https://kb.netgear.com/000061214/security-advisory-for-stored-cross-site-scripting-on-some-routers-gateways-and-wifi-system-psv-2018-0249", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20714", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30685", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "NVD", id: "CVE-2019-20714", }, { db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-30685", }, { db: "JVNDB", id: "JVNDB-2019-015414", }, { db: "NVD", id: "CVE-2019-20714", }, { db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-29T00:00:00", db: "CNVD", id: "CNVD-2020-30685", }, { date: "2020-05-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-015414", }, { date: "2020-04-16T19:15:24.777000", db: "NVD", id: "CVE-2019-20714", }, { date: "2020-04-16T00:00:00", db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-29T00:00:00", db: "CNVD", id: "CNVD-2020-30685", }, { date: "2020-05-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-015414", }, { date: "2020-04-22T20:29:29.830000", db: "NVD", id: "CVE-2019-20714", }, { date: "2020-04-26T00:00:00", db: "CNNVD", id: "CNNVD-202004-1298", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202004-1298", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Cross-site scripting vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2019-015414", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202004-1298", }, ], trust: 0.6, }, }
var-202004-0779
Vulnerability from variot
Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, SRK60 before 2.2.1.210, SRR60 before 2.2.1.210, SRS60 before 2.2.1.210, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, and WNDR4500v3 before 1.0.0.58. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR EX2700 is a wireless network signal extender
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0779", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "d7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.44", }, { model: "rbk20", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.28", }, { model: "rbr20", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.28", }, { model: "rbs20", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.28", }, { model: "rbs40", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.28", }, { model: "rbk50", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.32", }, { model: "rbr50", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.32", }, { model: "rbs50", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.0.32", }, { model: "srr60", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.2.1.210", }, { model: "srs60", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.2.1.210", }, { model: "d3600", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.75", }, { model: "d6000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.75", }, { model: "ex2700", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.52", }, { model: "ex8000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.180", }, { model: "r7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.58", }, { model: "srk60", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.2.1.210", }, { model: "r7500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.38", }, { model: "ex6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.74", }, { model: "wn3100rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.60", }, { model: "wn2000rpt", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.34", }, { model: "wndr4500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "wndr4300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.70", }, { model: "d3600", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.75", }, { model: "d6000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.75", }, { model: "d7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.44", }, { model: "ex2700", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.52", }, { model: "ex6200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.74", }, { model: "ex8000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.80", }, { model: "r7500", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.3.38", }, { model: "r7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.58", }, { model: "rbk20", scope: "eq", trust: 0.8, vendor: "netgear", version: "2.3.0.28", }, { model: "rbr20", scope: "eq", trust: 0.8, vendor: "netgear", version: "2.3.0.28", }, { model: "r7500v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.3.38", }, { model: "wn3000rpv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.2.70", }, { model: "ex6200v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.74", }, { model: "wn2000rptv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.34", }, { model: "wn3000rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3100rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.60", }, { model: "wndr4300v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "wndr4500v3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "NVD", id: "CVE-2019-20717", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.75", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.75", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.44", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.180", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:srk60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1.210", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:srk60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:srr60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1.210", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:srr60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:srs60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.1.210", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:srs60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-20717", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Wayne Low of Fortinets FortiGuard Labs", sources: [ { db: "CNNVD", id: "CNNVD-202004-1301", }, ], trust: 0.6, }, cve: "CVE-2019-20717", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", exploitabilityScore: 6.5, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 3.3, confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2019-015412", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Low", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", exploitabilityScore: 6.5, id: "CNVD-2020-30688", impactScore: 2.9, integrityImpact: "NONE", severity: "LOW", trust: 0.6, vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "JVNDB-2019-015412", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-20717", trust: 1, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2019-20717", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2019-015412", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2020-30688", trust: 0.6, value: "LOW", }, { author: "CNNVD", id: "CNNVD-202004-1301", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "NVD", id: "CVE-2019-20717", }, { db: "NVD", id: "CVE-2019-20717", }, { db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, SRK60 before 2.2.1.210, SRR60 before 2.2.1.210, SRS60 before 2.2.1.210, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, and WNDR4500v3 before 1.0.0.58. plural NETGEAR The device contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR EX2700 is a wireless network signal extender", sources: [ { db: "NVD", id: "CVE-2019-20717", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "CNVD", id: "CNVD-2020-30688", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-20717", trust: 3, }, { db: "JVNDB", id: "JVNDB-2019-015412", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-30688", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202004-1301", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "NVD", id: "CVE-2019-20717", }, { db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, id: "VAR-202004-0779", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, ], trust: 1.157893909259259, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, ], }, last_update_date: "2023-12-18T13:28:10.608000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Denial of Service on Some Routers, Extenders, and WiFi Systems, PSV-2018-0225", trust: 0.8, url: "https://kb.netgear.com/000061211/security-advisory-for-denial-of-service-on-some-routers-extenders-and-wifi-systems-psv-2018-0225", }, { title: "Patch for Multiple NETGEAR product input verification error vulnerabilities (CNVD-2020-30688)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/219481", }, { title: "Multiple NETGEAR Product input verification error vulnerability fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=116882", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "CWE-20", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "NVD", id: "CVE-2019-20717", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20717", }, { trust: 1.6, url: "https://kb.netgear.com/000061211/security-advisory-for-denial-of-service-on-some-routers-extenders-and-wifi-systems-psv-2018-0225", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20717", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-30688", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "NVD", id: "CVE-2019-20717", }, { db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-30688", }, { db: "JVNDB", id: "JVNDB-2019-015412", }, { db: "NVD", id: "CVE-2019-20717", }, { db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-29T00:00:00", db: "CNVD", id: "CNVD-2020-30688", }, { date: "2020-05-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-015412", }, { date: "2020-04-16T19:15:24.930000", db: "NVD", id: "CVE-2019-20717", }, { date: "2020-04-16T00:00:00", db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-29T00:00:00", db: "CNVD", id: "CNVD-2020-30688", }, { date: "2020-05-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-015412", }, { date: "2021-07-21T11:39:23.747000", db: "NVD", id: "CVE-2019-20717", }, { date: "2020-04-26T00:00:00", db: "CNNVD", id: "CNNVD-202004-1301", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202004-1301", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Input verification vulnerabilities on devices", sources: [ { db: "JVNDB", id: "JVNDB-2019-015412", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-202004-1301", }, ], trust: 0.6, }, }
var-202112-2347
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.66, EX2700 prior to 1.0.1.68, WN3000RPv2 prior to 1.0.0.90, WN3000RPv3 prior to 1.0.2.100, LBR1020 prior to 2.6.5.20, LBR20 prior to 2.6.5.32, R6700AX prior to 1.0.10.110, R7800 prior to 1.0.2.86, R8900 prior to 1.0.5.38, R9000 prior to 1.0.5.38, RAX10 prior to 1.0.10.110, RAX120v1 prior to 1.2.3.28, RAX120v2 prior to 1.2.3.28, RAX70 prior to 1.0.10.110, RAX78 prior to 1.0.10.110, XR450 prior to 2.3.2.130, XR500 prior to 2.3.2.130, and XR700 prior to 1.0.1.46
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2347", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "lbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.5.32", }, { model: "wn3000rpv3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.100", }, { model: "rax120v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.3.28", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.38", }, { model: "r6700ax", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "lbr1020", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.5.20", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.66", }, { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.86", }, { model: "rax10", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "xr700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.46", }, { model: "rax78", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.90", }, { model: "rax120v1", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.3.28", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.38", }, { model: "rax70", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "ex2700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.68", }, { model: "xr450", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.130", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.130", }, { model: "lbr1020", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "lbr20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "wn3000rpv2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex2700", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r9000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r6700ax", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r8900", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "wn3000rpv3", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "NVD", id: "CVE-2021-45602", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.100", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.6.5.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.6.5.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700ax_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120v1_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120v1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-45602", }, ], }, cve: "CVE-2021-45602", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-45602", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "cve@mitre.org", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "High", baseScore: 7.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-45602", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-45602", trust: 1.8, value: "HIGH", }, { author: "cve@mitre.org", id: "CVE-2021-45602", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202112-2398", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2021-45602", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2021-45602", }, { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "NVD", id: "CVE-2021-45602", }, { db: "NVD", id: "CVE-2021-45602", }, { db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.66, EX2700 prior to 1.0.1.68, WN3000RPv2 prior to 1.0.0.90, WN3000RPv3 prior to 1.0.2.100, LBR1020 prior to 2.6.5.20, LBR20 prior to 2.6.5.32, R6700AX prior to 1.0.10.110, R7800 prior to 1.0.2.86, R8900 prior to 1.0.5.38, R9000 prior to 1.0.5.38, RAX10 prior to 1.0.10.110, RAX120v1 prior to 1.2.3.28, RAX120v2 prior to 1.2.3.28, RAX70 prior to 1.0.10.110, RAX78 prior to 1.0.10.110, XR450 prior to 2.3.2.130, XR500 prior to 2.3.2.130, and XR700 prior to 1.0.1.46", sources: [ { db: "NVD", id: "CVE-2021-45602", }, { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "VULMON", id: "CVE-2021-45602", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-45602", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-017181", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-2398", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-45602", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-45602", }, { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "NVD", id: "CVE-2021-45602", }, { db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, id: "VAR-202112-2347", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.47625735888888887, }, last_update_date: "2023-12-18T13:01:00.102000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Command Injection & Sensitive Information Disclosure on Multiple Products, PSV-2021-0169 & PSV-2021-0171", trust: 0.8, url: "https://kb.netgear.com/000064407/security-advisory-for-post-authentication-command-injection-sensitive-information-disclosure-on-multiple-products-psv-2021-0169-psv-2021-0171", }, { title: "Netgear NETGEAR Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=177119", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1, }, { problemtype: "OS Command injection (CWE-78) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "NVD", id: "CVE-2021-45602", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { trust: 1.7, url: "https://kb.netgear.com/000064407/security-advisory-for-post-authentication-command-injection-sensitive-information-disclosure-on-multiple-products-psv-2021-0169-psv-2021-0171", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45602", }, { trust: 0.8, url: "https://www.immersivelabs.com/press/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/77.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-45602", }, { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "NVD", id: "CVE-2021-45602", }, { db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-45602", }, { db: "JVNDB", id: "JVNDB-2021-017181", }, { db: "NVD", id: "CVE-2021-45602", }, { db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-26T00:00:00", db: "VULMON", id: "CVE-2021-45602", }, { date: "2023-01-06T00:00:00", db: "JVNDB", id: "JVNDB-2021-017181", }, { date: "2021-12-26T01:15:17.803000", db: "NVD", id: "CVE-2021-45602", }, { date: "2021-12-26T00:00:00", db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-06T00:00:00", db: "VULMON", id: "CVE-2021-45602", }, { date: "2023-01-06T06:33:00", db: "JVNDB", id: "JVNDB-2021-017181", }, { date: "2022-07-12T17:42:04.277000", db: "NVD", id: "CVE-2021-45602", }, { date: "2022-07-14T00:00:00", db: "CNNVD", id: "CNNVD-202112-2398", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202112-2398", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR On the device OS Command injection vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-017181", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "operating system commend injection", sources: [ { db: "CNNVD", id: "CNNVD-202112-2398", }, ], trust: 0.6, }, }
var-202010-0579
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202010-0579", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "d6100", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.63", }, { model: "xr450", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.40", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "srr60", scope: "lt", trust: 1, vendor: "netgear", version: "2.2.2.20", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.26", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "wndr4500v3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.40", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.26", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.60", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "srk60", scope: "lt", trust: 1, vendor: "netgear", version: "2.2.2.20", }, { model: "srs60", scope: "lt", trust: 1, vendor: "netgear", version: "2.2.2.20", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.70", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "wndr4300v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "rbk20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "d6100", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r8900", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r9000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk50", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr50", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs50", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "NVD", id: "CVE-2020-26913", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.63", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:srk60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.2.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:srk60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:srr60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.2.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:srr60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:srs60_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.2.2.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:srs60:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4300v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4300v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4500v3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4500v3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-26913", }, ], }, cve: "CVE-2020-26913", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 5.2, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2020-26913", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "OTHER", availabilityImpact: "High", baseScore: 6.8, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-012214", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-26913", trust: 1.8, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2020-26913", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202010-344", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "NVD", id: "CVE-2020-26913", }, { db: "NVD", id: "CVE-2020-26913", }, { db: "CNNVD", id: "CNNVD-202010-344", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40. plural NETGEAR The device contains an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state", sources: [ { db: "NVD", id: "CVE-2020-26913", }, { db: "JVNDB", id: "JVNDB-2020-012214", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-26913", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-012214", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202010-344", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "NVD", id: "CVE-2020-26913", }, { db: "CNNVD", id: "CNNVD-202010-344", }, ], }, id: "VAR-202010-0579", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.458790991, }, last_update_date: "2023-12-18T13:01:34.947000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Stack Overflow on Some Routers and WiFi Systems, PSV-2018-0140", trust: 0.8, url: "https://kb.netgear.com/000062340/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-wifi-systems-psv-2018-0140", }, { title: "Multiple NETGEAR Fix for device buffer error vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131131", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "CNNVD", id: "CNNVD-202010-344", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "NVD", id: "CVE-2020-26913", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://kb.netgear.com/000062340/security-advisory-for-post-authentication-stack-overflow-on-some-routers-and-wifi-systems-psv-2018-0140", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-26913", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "NVD", id: "CVE-2020-26913", }, { db: "CNNVD", id: "CNNVD-202010-344", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, { db: "NVD", id: "CVE-2020-26913", }, { db: "CNNVD", id: "CNNVD-202010-344", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-27T00:00:00", db: "JVNDB", id: "JVNDB-2020-012214", }, { date: "2020-10-09T07:15:17.043000", db: "NVD", id: "CVE-2020-26913", }, { date: "2020-10-09T00:00:00", db: "CNNVD", id: "CNNVD-202010-344", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-04-27T05:42:00", db: "JVNDB", id: "JVNDB-2020-012214", }, { date: "2020-10-16T17:41:49.947000", db: "NVD", id: "CVE-2020-26913", }, { date: "2020-10-21T00:00:00", db: "CNNVD", id: "CNNVD-202010-344", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202010-344", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Out-of-bounds write vulnerability in device", sources: [ { db: "JVNDB", id: "JVNDB-2020-012214", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202010-344", }, ], trust: 0.6, }, }
var-202112-2346
Vulnerability from variot
Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. This affects D7800 prior to 1.0.1.66, EX2700 prior to 1.0.1.68, WN3000RPv2 prior to 1.0.0.90, WN3000RPv3 prior to 1.0.2.100, LBR1020 prior to 2.6.5.20, LBR20 prior to 2.6.5.32, R6700AX prior to 1.0.10.110, R7800 prior to 1.0.2.86, R8900 prior to 1.0.5.38, R9000 prior to 1.0.5.38, RAX10 prior to 1.0.10.110, RAX120v1 prior to 1.2.3.28, RAX120v2 prior to 1.2.3.28, RAX70 prior to 1.0.10.110, RAX78 prior to 1.0.10.110, XR450 prior to 2.3.2.130, XR500 prior to 2.3.2.130, and XR700 prior to 1.0.1.46
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2346", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "lbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.5.32", }, { model: "wn3000rpv3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.100", }, { model: "rax120v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.3.28", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.38", }, { model: "r6700ax", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "lbr1020", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.5.20", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.66", }, { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.86", }, { model: "rax10", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "xr700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.46", }, { model: "rax78", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.90", }, { model: "rax120v1", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.3.28", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.38", }, { model: "rax70", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.10.110", }, { model: "ex2700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.68", }, { model: "xr450", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.130", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.130", }, { model: "lbr1020", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "lbr20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "wn3000rpv2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex2700", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r9000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r6700ax", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r8900", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "wn3000rpv3", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "NVD", id: "CVE-2021-45603", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.100", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.6.5.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.6.5.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700ax_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120v1_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120v1:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-45603", }, ], }, cve: "CVE-2021-45603", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 2.1, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-45603", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Low", trust: 0.9, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "LOCAL", author: "NVD", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "cve@mitre.org", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Local", author: "NVD", availabilityImpact: "None", baseScore: 5.5, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-45603", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-45603", trust: 1.8, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2021-45603", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202112-2399", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-45603", trust: 0.1, value: "LOW", }, ], }, ], sources: [ { db: "VULMON", id: "CVE-2021-45603", }, { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "NVD", id: "CVE-2021-45603", }, { db: "NVD", id: "CVE-2021-45603", }, { db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. This affects D7800 prior to 1.0.1.66, EX2700 prior to 1.0.1.68, WN3000RPv2 prior to 1.0.0.90, WN3000RPv3 prior to 1.0.2.100, LBR1020 prior to 2.6.5.20, LBR20 prior to 2.6.5.32, R6700AX prior to 1.0.10.110, R7800 prior to 1.0.2.86, R8900 prior to 1.0.5.38, R9000 prior to 1.0.5.38, RAX10 prior to 1.0.10.110, RAX120v1 prior to 1.2.3.28, RAX120v2 prior to 1.2.3.28, RAX70 prior to 1.0.10.110, RAX78 prior to 1.0.10.110, XR450 prior to 2.3.2.130, XR500 prior to 2.3.2.130, and XR700 prior to 1.0.1.46", sources: [ { db: "NVD", id: "CVE-2021-45603", }, { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "VULMON", id: "CVE-2021-45603", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-45603", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-017180", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-2399", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-45603", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-45603", }, { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "NVD", id: "CVE-2021-45603", }, { db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, id: "VAR-202112-2346", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.47625735888888887, }, last_update_date: "2023-12-18T13:06:53.578000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Command Injection & Sensitive Information Disclosure on Multiple Products, PSV-2021-0169 & PSV-2021-0171", trust: 0.8, url: "https://kb.netgear.com/000064407/security-advisory-for-post-authentication-command-injection-sensitive-information-disclosure-on-multiple-products-psv-2021-0169-psv-2021-0171", }, { title: "Netgear NETGEAR Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=177120", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-200", trust: 1, }, { problemtype: "information leak (CWE-200) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "NVD", id: "CVE-2021-45603", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { trust: 1.7, url: "https://kb.netgear.com/000064407/security-advisory-for-post-authentication-command-injection-sensitive-information-disclosure-on-multiple-products-psv-2021-0169-psv-2021-0171", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45603", }, { trust: 0.8, url: "https://www.immersivelabs.com/press/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/200.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-45603", }, { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "NVD", id: "CVE-2021-45603", }, { db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-45603", }, { db: "JVNDB", id: "JVNDB-2021-017180", }, { db: "NVD", id: "CVE-2021-45603", }, { db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-26T00:00:00", db: "VULMON", id: "CVE-2021-45603", }, { date: "2023-01-06T00:00:00", db: "JVNDB", id: "JVNDB-2021-017180", }, { date: "2021-12-26T01:15:17.853000", db: "NVD", id: "CVE-2021-45603", }, { date: "2021-12-26T00:00:00", db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-06T00:00:00", db: "VULMON", id: "CVE-2021-45603", }, { date: "2023-01-06T06:22:00", db: "JVNDB", id: "JVNDB-2021-017180", }, { date: "2022-01-06T18:54:44.427000", db: "NVD", id: "CVE-2021-45603", }, { date: "2022-01-10T00:00:00", db: "CNNVD", id: "CNNVD-202112-2399", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-202112-2399", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Device information disclosure vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-017180", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "information disclosure", sources: [ { db: "CNNVD", id: "CNNVD-202112-2399", }, ], trust: 0.6, }, }
var-202112-2291
Vulnerability from variot
Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. plural NETGEAR The device has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.58, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6100v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.78, EX6250 prior to 1.0.0.110, EX6410 prior to 1.0.0.110, EX6420 prior to 1.0.0.110, EX6400v2 prior to 1.0.0.110, EX7300 prior to 1.0.2.144, EX6400 prior to 1.0.2.144, EX7320 prior to 1.0.0.110, EX7300v2 prior to 1.0.0.110, R7500v2 prior to 1.0.3.48, R7800 prior to 1.0.2.68, R8900 prior to 1.0.5.2, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.90, RBK40 prior to 2.5.1.16, RBK20 prior to 2.5.1.16, RBR20 prior to 2.5.1.16, RBS20 prior to 2.5.1.16, RBK50 prior to 2.5.1.16, RBR50 prior to 2.5.1.16, RBS50 prior to 2.5.1.16, RBS50Y prior to 2.6.1.40, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.72, XR500 prior to 2.3.2.56, and XR700 prior to 1.0.1.20
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2291", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.68", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.2", }, { model: "xr700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.20", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "rax120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.90", }, { model: "rbk20", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "ex6400v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "r7500v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.48", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.2", }, { model: "ex6250", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "rbs50y", scope: "lt", trust: 1, vendor: "netgear", version: "2.6.1.40", }, { model: "dm200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.66", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.58", }, { model: "ex6200v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.78", }, { model: "ex6420", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "ex7300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.144", }, { model: "ex7300v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "ex6150v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.86", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.56", }, { model: "ex2700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "ex6100v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.86", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "ex6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.144", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "ex7320", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "wn3000rpv3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.80", }, { model: "ex6410", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.72", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.5.1.16", }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex2700", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6150v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6100v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6200v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6400v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "dm200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6250", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6420", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6410", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "NVD", id: "CVE-2021-45658", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.48", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.90", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.80", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.20", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-45658", }, ], }, cve: "CVE-2021-45658", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 7.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-45658", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "cve@mitre.org", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.8, impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-45658", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-45658", trust: 1.8, value: "CRITICAL", }, { author: "cve@mitre.org", id: "CVE-2021-45658", trust: 1, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202112-2454", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "NVD", id: "CVE-2021-45658", }, { db: "NVD", id: "CVE-2021-45658", }, { db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. plural NETGEAR The device has an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.58, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6100v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.78, EX6250 prior to 1.0.0.110, EX6410 prior to 1.0.0.110, EX6420 prior to 1.0.0.110, EX6400v2 prior to 1.0.0.110, EX7300 prior to 1.0.2.144, EX6400 prior to 1.0.2.144, EX7320 prior to 1.0.0.110, EX7300v2 prior to 1.0.0.110, R7500v2 prior to 1.0.3.48, R7800 prior to 1.0.2.68, R8900 prior to 1.0.5.2, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.90, RBK40 prior to 2.5.1.16, RBK20 prior to 2.5.1.16, RBR20 prior to 2.5.1.16, RBS20 prior to 2.5.1.16, RBK50 prior to 2.5.1.16, RBR50 prior to 2.5.1.16, RBS50 prior to 2.5.1.16, RBS50Y prior to 2.6.1.40, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.72, XR500 prior to 2.3.2.56, and XR700 prior to 1.0.1.20", sources: [ { db: "NVD", id: "CVE-2021-45658", }, { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "VULMON", id: "CVE-2021-45658", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-45658", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-017535", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-2454", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-45658", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-45658", }, { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "NVD", id: "CVE-2021-45658", }, { db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, id: "VAR-202112-2291", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.44349873083333335, }, last_update_date: "2023-12-18T13:42:20.194000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Server Side Injection on Some Routers, Extenders, and WiFi Systems, PSV-2019-0125", trust: 0.8, url: "https://kb.netgear.com/000064062/security-advisory-for-server-side-injection-on-some-routers-extenders-and-wifi-systems-psv-2019-0125", }, { title: "Netgear NETGEAR Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=176216", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-74", trust: 1, }, { problemtype: "injection (CWE-74) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "NVD", id: "CVE-2021-45658", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://kb.netgear.com/000064062/security-advisory-for-server-side-injection-on-some-routers-extenders-and-wifi-systems-psv-2019-0125", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45658", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-45658", }, { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "NVD", id: "CVE-2021-45658", }, { db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-45658", }, { db: "JVNDB", id: "JVNDB-2021-017535", }, { db: "NVD", id: "CVE-2021-45658", }, { db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-26T00:00:00", db: "VULMON", id: "CVE-2021-45658", }, { date: "2023-01-25T00:00:00", db: "JVNDB", id: "JVNDB-2021-017535", }, { date: "2021-12-26T01:15:20.467000", db: "NVD", id: "CVE-2021-45658", }, { date: "2021-12-26T00:00:00", db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-27T00:00:00", db: "VULMON", id: "CVE-2021-45658", }, { date: "2023-01-25T01:41:00", db: "JVNDB", id: "JVNDB-2021-017535", }, { date: "2022-01-10T20:48:50.487000", db: "NVD", id: "CVE-2021-45658", }, { date: "2022-01-11T00:00:00", db: "CNNVD", id: "CNNVD-202112-2454", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202112-2454", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Device Injection Vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-017535", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "injection", sources: [ { db: "CNNVD", id: "CNNVD-202112-2454", }, ], trust: 0.6, }, }
var-202012-1337
Vulnerability from variot
Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1337", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.52", }, { model: "dm200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.61", }, { model: "d6100", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.63", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.66", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3000rpv2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "wnr2000v5", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "dm200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r8900", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6100", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r9000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "NVD", id: "CVE-2020-35808", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.63", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-35808", }, ], }, cve: "CVE-2020-35808", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", exploitabilityScore: 6.8, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "None", baseScore: 3.5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-35808", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Low", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.7, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.7, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 4.8, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2020-35808", impactScore: null, integrityImpact: "Low", privilegesRequired: "High", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-35808", trust: 1.8, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2020-35808", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202012-1793", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "NVD", id: "CVE-2020-35808", }, { db: "NVD", id: "CVE-2020-35808", }, { db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2020-35808", }, { db: "JVNDB", id: "JVNDB-2020-014998", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-35808", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-014998", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202012-1793", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "NVD", id: "CVE-2020-35808", }, { db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, id: "VAR-202012-1337", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.55543442, }, last_update_date: "2023-12-18T14:00:18.815000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Stored Cross Site Scripting on Some Routers and Range Extenders, PSV-2018-0158", trust: 0.8, url: "https://kb.netgear.com/000062708/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-range-extenders-psv-2018-0158", }, { title: "Certain NETGEAR devices Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=138162", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "NVD", id: "CVE-2020-35808", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://kb.netgear.com/000062708/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-range-extenders-psv-2018-0158", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35808", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "NVD", id: "CVE-2020-35808", }, { db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, { db: "NVD", id: "CVE-2020-35808", }, { db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T00:00:00", db: "JVNDB", id: "JVNDB-2020-014998", }, { date: "2020-12-30T00:15:14.863000", db: "NVD", id: "CVE-2020-35808", }, { date: "2020-12-29T00:00:00", db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T08:54:00", db: "JVNDB", id: "JVNDB-2020-014998", }, { date: "2021-01-04T15:55:13.777000", db: "NVD", id: "CVE-2020-35808", }, { date: "2021-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202012-1793", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202012-1793", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Cross-site scripting vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2020-014998", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202012-1793", }, ], trust: 0.6, }, }
var-202112-2309
Vulnerability from variot
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR20 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBR50 prior to 2.3.0.32, RBS20 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.56, and XR500 prior to 2.3.2.56
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2309", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "dm200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.61", }, { model: "r6300v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.34", }, { model: "wnr3500lv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.2.0.62", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r6220", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.100", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "d7000v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.53", }, { model: "d3600", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.72", }, { model: "d7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.74", }, { model: "ex7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.78", }, { model: "ex6130", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.28", }, { model: "r8000p", scope: "lt", trust: 1, vendor: "netgear", version: "1.4.1.50", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "r6900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.6", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "ex3700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.76", }, { model: "r7100lg", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.50", }, { model: "d6000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.72", }, { model: "rbk20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "r7900p", scope: "lt", trust: 1, vendor: "netgear", version: "1.4.1.50", }, { model: "d8500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.44", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.12", }, { model: "wndr3400v3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.24", }, { model: "r7000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.9.34", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "xr450", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.56", }, { model: "d6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.86", }, { model: "r7500v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.40", }, { model: "ex6120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.46", }, { model: "dgn2200v4", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.110", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "dgn2200bv4", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.109", }, { model: "r6250", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.4.34", }, { model: "ex3800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.76", }, { model: "wnr2020", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.62", }, { model: "r6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.46", }, { model: "pr2000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.28", }, { model: "dc112a", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.42", }, { model: "r6700v3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.66", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.56", }, { model: "d6220", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.52", }, { model: "r6230", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.0.100", }, { model: "r6700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.6", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "rbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.28", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.70", }, { model: "r6400v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.66", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "d6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.1.00.34", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.0.32", }, { model: "d8500", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d3600", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "dc112a", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6400", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7000v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6000", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d6220", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "NVD", id: "CVE-2021-45640", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.00.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.53", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.44", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.42", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dgn2200bv4_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.109", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dgn2200bv4:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.9.34", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.24", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.1.0.62", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.2.0.62", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-45640", }, ], }, cve: "CVE-2021-45640", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 6.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-45640", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", exploitabilityScore: 0.5, impactScore: 3.4, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-45640", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-45640", trust: 1.8, value: "HIGH", }, { author: "cve@mitre.org", id: "CVE-2021-45640", trust: 1, value: "LOW", }, { author: "CNNVD", id: "CNNVD-202112-2436", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "NVD", id: "CVE-2021-45640", }, { db: "NVD", id: "CVE-2021-45640", }, { db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56. plural NETGEAR There is an unspecified vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.52, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.74, D7000v2 prior to 1.0.0.53, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.110, DGND2200Bv4 prior to 1.0.0.109, DM200 prior to 1.0.0.61, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6120 prior to 1.0.0.46, EX6130 prior to 1.0.0.28, EX7000 prior to 1.0.1.78, PR2000 prior to 1.0.0.28, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.34, R6400 prior to 1.0.1.46, R6400v2 prior to 1.0.2.66, R6700 prior to 1.0.2.6, R6700v3 prior to 1.0.2.66, R6900 prior to 1.0.2.6, R7000 prior to 1.0.9.34, R7100LG prior to 1.0.0.50, R7500v2 prior to 1.0.3.40, R7900P prior to 1.4.1.50, R8000P prior to 1.4.1.50, R8900 prior to 1.0.4.12, R9000 prior to 1.0.4.12, RBK20 prior to 2.3.0.28, RBK40 prior to 2.3.0.28, RBK50 prior to 2.3.0.32, RBR20 prior to 2.3.0.28, RBR40 prior to 2.3.0.28, RBR50 prior to 2.3.0.32, RBS20 prior to 2.3.0.28, RBS40 prior to 2.3.0.28, RBS50 prior to 2.3.0.32, WN3000RPv2 prior to 1.0.0.78, WNDR3400v3 prior to 1.0.1.24, WNR2000v5 prior to 1.0.0.70, WNR2020 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, XR450 prior to 2.3.2.56, and XR500 prior to 2.3.2.56", sources: [ { db: "NVD", id: "CVE-2021-45640", }, { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "VULMON", id: "CVE-2021-45640", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-45640", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-017516", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-2436", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-45640", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-45640", }, { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "NVD", id: "CVE-2021-45640", }, { db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, id: "VAR-202112-2309", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.45328091750000016, }, last_update_date: "2023-12-18T13:37:09.697000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Security Misconfiguration on Some Routers, Extenders, and WiFi Systems, PSV-2018-0228", trust: 0.8, url: "https://kb.netgear.com/000064045/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0228", }, { title: "Netgear NETGEAR Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=176674", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, { problemtype: "Lack of information (CWE-noinfo) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "NVD", id: "CVE-2021-45640", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://kb.netgear.com/000064045/security-advisory-for-security-misconfiguration-on-some-routers-extenders-and-wifi-systems-psv-2018-0228", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45640", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-45640", }, { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "NVD", id: "CVE-2021-45640", }, { db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-45640", }, { db: "JVNDB", id: "JVNDB-2021-017516", }, { db: "NVD", id: "CVE-2021-45640", }, { db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-26T00:00:00", db: "VULMON", id: "CVE-2021-45640", }, { date: "2023-01-24T00:00:00", db: "JVNDB", id: "JVNDB-2021-017516", }, { date: "2021-12-26T01:15:19.643000", db: "NVD", id: "CVE-2021-45640", }, { date: "2021-12-26T00:00:00", db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-27T00:00:00", db: "VULMON", id: "CVE-2021-45640", }, { date: "2023-01-24T05:26:00", db: "JVNDB", id: "JVNDB-2021-017516", }, { date: "2022-01-12T14:26:34.460000", db: "NVD", id: "CVE-2021-45640", }, { date: "2022-01-13T00:00:00", db: "CNNVD", id: "CNNVD-202112-2436", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202112-2436", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2021-017516", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-202112-2436", }, ], trust: 0.6, }, }
var-202012-1182
Vulnerability from variot
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1182", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rbk22", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.26", }, { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.68", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "rax120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.26", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.26", }, { model: "rbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbk50", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rax120", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr40", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk40", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk22", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs40", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "NVD", id: "CVE-2020-35807", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk22_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk22:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-35807", }, ], }, cve: "CVE-2020-35807", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", exploitabilityScore: 6.8, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "None", baseScore: 3.5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-35807", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Low", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.7, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "cve@mitre.org", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 4.8, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2020-35807", impactScore: null, integrityImpact: "Low", privilegesRequired: "High", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-35807", trust: 1.8, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2020-35807", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202012-1791", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "NVD", id: "CVE-2020-35807", }, { db: "NVD", id: "CVE-2020-35807", }, { db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2020-35807", }, { db: "JVNDB", id: "JVNDB-2020-014997", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-35807", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-014997", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202012-1791", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "NVD", id: "CVE-2020-35807", }, { db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, id: "VAR-202012-1182", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.34089600666666664, }, last_update_date: "2023-12-18T13:23:01.869000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Stored Cross Site Scripting on Some Routers and Orbi WiFi Systems, PSV-2018-0557", trust: 0.8, url: "https://kb.netgear.com/000062730/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-orbi-wifi-systems-psv-2018-0557", }, { title: "Certain NETGEAR devices Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=138160", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "NVD", id: "CVE-2020-35807", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://kb.netgear.com/000062730/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-orbi-wifi-systems-psv-2018-0557", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35807", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "NVD", id: "CVE-2020-35807", }, { db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, { db: "NVD", id: "CVE-2020-35807", }, { db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T00:00:00", db: "JVNDB", id: "JVNDB-2020-014997", }, { date: "2020-12-30T00:15:14.800000", db: "NVD", id: "CVE-2020-35807", }, { date: "2020-12-29T00:00:00", db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T08:54:00", db: "JVNDB", id: "JVNDB-2020-014997", }, { date: "2021-01-04T16:18:38.800000", db: "NVD", id: "CVE-2020-35807", }, { date: "2021-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202012-1791", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202012-1791", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Cross-site scripting vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2020-014997", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202012-1791", }, ], trust: 0.6, }, }
var-202004-1550
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, EX6150v2 before 1.0.1.70, EX6100v2 before 1.0.1.70, EX6200v2 before 1.0.1.64, EX7300 before 1.0.2.136, EX6400 before 1.0.2.136, R6100 before 1.0.1.16, R7500 before 1.0.0.110, R7800 before 1.0.2.32, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.56, WN3000RPv3 before 1.0.2.52, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR WNDR4300 is a wireless router.
There are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-1550", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r9000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.12", }, { model: "r6100", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.16", }, { model: "d7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.44", }, { model: "ex7300", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.136", }, { model: "ex6400", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.136", }, { model: "r7500", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.110", }, { model: "r7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.32", }, { model: "ex6150", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.70", }, { model: "wndr4500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.50", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.56", }, { model: "ex6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.64", }, { model: "wndr4300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.50", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.52", }, { model: "ex6100", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.70", }, { model: "d7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.44", }, { model: "ex6100", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.70", }, { model: "ex6150", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.70", }, { model: "ex6200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.64", }, { model: "ex6400", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.136", }, { model: "ex7300", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.136", }, { model: "r6100", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.16", }, { model: "r7500", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.110", }, { model: "r7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.32", }, { model: "r9000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.4.12", }, { model: "wndr4300v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.50", }, { model: "wndr4500v3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.50", }, { model: "wn3000rpv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.2.52", }, { model: "ex6150v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.70", }, { model: "ex6100v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.70", }, { model: "ex6200v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.64", }, { model: "wn3000rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.56", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "NVD", id: "CVE-2018-21114", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.44", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.64", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.136", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.136", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.16", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r6100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.50", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2018-21114", }, ], }, cve: "CVE-2018-21114", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 5.2, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2018-016298", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, id: "CNVD-2020-31331", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 6.8, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2018-016298", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2018-21114", trust: 1, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2018-21114", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2018-016298", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2020-31331", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202004-1898", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "NVD", id: "CVE-2018-21114", }, { db: "NVD", id: "CVE-2018-21114", }, { db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, EX6150v2 before 1.0.1.70, EX6100v2 before 1.0.1.70, EX6200v2 before 1.0.1.64, EX7300 before 1.0.2.136, EX6400 before 1.0.2.136, R6100 before 1.0.1.16, R7500 before 1.0.0.110, R7800 before 1.0.2.32, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.56, WN3000RPv3 before 1.0.2.52, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR WNDR4300 is a wireless router. \n\r\n\r\nThere are injection vulnerabilities in many NETGEAR products, which can be exploited by an attacker to cause the system or product to produce an incorrect interpretation or interpretation method", sources: [ { db: "NVD", id: "CVE-2018-21114", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "CNVD", id: "CNVD-2020-31331", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-21114", trust: 3, }, { db: "JVNDB", id: "JVNDB-2018-016298", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-31331", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202004-1898", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "NVD", id: "CVE-2018-21114", }, { db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, id: "VAR-202004-1550", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, ], trust: 1.2027832250000001, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, ], }, last_update_date: "2023-12-18T13:51:55.947000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Command Injection on Some Routers, Modem Routers, and Wireless Extenders, PSV-2017-0645", trust: 0.8, url: "https://kb.netgear.com/000060437/security-advisory-for-post-authentication-command-injection-on-some-routers-modem-routers-and-wireless-extenders-psv-2017-0645", }, { title: "Patch for Multiple NETGEAR product injection vulnerabilities (CNVD-2020-31331)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/219995", }, { title: "Multiple NETGEAR Fixing measures for product injection vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=117242", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-74", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "NVD", id: "CVE-2018-21114", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-21114", }, { trust: 1.6, url: "https://kb.netgear.com/000060437/security-advisory-for-post-authentication-command-injection-on-some-routers-modem-routers-and-wireless-extenders-psv-2017-0645", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-21114", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-31331", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "NVD", id: "CVE-2018-21114", }, { db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-31331", }, { db: "JVNDB", id: "JVNDB-2018-016298", }, { db: "NVD", id: "CVE-2018-21114", }, { db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-03T00:00:00", db: "CNVD", id: "CNVD-2020-31331", }, { date: "2020-05-21T00:00:00", db: "JVNDB", id: "JVNDB-2018-016298", }, { date: "2020-04-22T15:15:13.537000", db: "NVD", id: "CVE-2018-21114", }, { date: "2020-04-22T00:00:00", db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-03T00:00:00", db: "CNVD", id: "CNVD-2020-31331", }, { date: "2020-05-21T00:00:00", db: "JVNDB", id: "JVNDB-2018-016298", }, { date: "2020-04-24T19:27:50.287000", db: "NVD", id: "CVE-2018-21114", }, { date: "2020-04-26T00:00:00", db: "CNNVD", id: "CNNVD-202004-1898", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202004-1898", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Injection vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2018-016298", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "injection", sources: [ { db: "CNNVD", id: "CNNVD-202004-1898", }, ], trust: 0.6, }, }
var-202112-2400
Vulnerability from variot
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.60, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.86, EX6250 prior to 1.0.0.128, EX6400 prior to 1.0.2.144, EX6400v2 prior to 1.0.0.128, EX6410 prior to 1.0.0.128, EX6420 prior to 1.0.0.128, EX7300 prior to 1.0.2.144, EX7300v2 prior to 1.0.0.128, EX7320 prior to 1.0.0.128, R7500v2 prior to 1.0.3.46, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.26, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.128, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.74, XR500 prior to 2.3.2.66, RBK20 prior to 2.7.3.22, RBR20 prior to 2.7.3.22, RBS20 prior to 2.7.3.22, RBK40 prior to 2.7.3.22, RBR40 prior to 2.7.3.22, and RBS40 prior to 2.7.3.22
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-2400", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ex7300v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.128", }, { model: "ex6200v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.86", }, { model: "rbk20", scope: "lt", trust: 1, vendor: "netgear", version: "2.7.3.22", }, { model: "wnr2000v5", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.74", }, { model: "ex7320", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.128", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.7.3.22", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.7.3.22", }, { model: "ex6410", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.128", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.7.3.22", }, { model: "r9000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.2", }, { model: "r7500v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.46", }, { model: "r8900", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.5.26", }, { model: "dm200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.66", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.60", }, { model: "ex7300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.144", }, { model: "ex6150v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.86", }, { model: "ex2700", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "ex6250", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.128", }, { model: "ex6400", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.144", }, { model: "ex6400v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.128", }, { model: "rax120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.128", }, { model: "xr500", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.2.66", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.7.3.22", }, { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.74", }, { model: "wn3000rpv3", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.80", }, { model: "rbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.7.3.22", }, { model: "ex6420", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.128", }, { model: "ex6250", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6150v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6410", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6200v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6400v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex2700", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6420", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "dm200", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "ex6400", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "NVD", id: "CVE-2021-45548", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.74", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.5.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.128", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.80", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2021-45548", }, ], }, cve: "CVE-2021-45548", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 8, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 6.5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2021-45548", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "cve@mitre.org", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, impactScore: 5.5, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-45548", impactScore: null, integrityImpact: "High", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2021-45548", trust: 1.8, value: "HIGH", }, { author: "cve@mitre.org", id: "CVE-2021-45548", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202112-2364", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "NVD", id: "CVE-2021-45548", }, { db: "NVD", id: "CVE-2021-45548", }, { db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22. plural NETGEAR A command injection vulnerability exists in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This affects D7800 prior to 1.0.1.60, DM200 prior to 1.0.0.66, EX2700 prior to 1.0.1.56, EX6150v2 prior to 1.0.1.86, EX6200v2 prior to 1.0.1.86, EX6250 prior to 1.0.0.128, EX6400 prior to 1.0.2.144, EX6400v2 prior to 1.0.0.128, EX6410 prior to 1.0.0.128, EX6420 prior to 1.0.0.128, EX7300 prior to 1.0.2.144, EX7300v2 prior to 1.0.0.128, EX7320 prior to 1.0.0.128, R7500v2 prior to 1.0.3.46, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.26, R9000 prior to 1.0.5.2, RAX120 prior to 1.0.1.128, WN3000RPv2 prior to 1.0.0.78, WN3000RPv3 prior to 1.0.2.80, WNR2000v5 prior to 1.0.0.74, XR500 prior to 2.3.2.66, RBK20 prior to 2.7.3.22, RBR20 prior to 2.7.3.22, RBS20 prior to 2.7.3.22, RBK40 prior to 2.7.3.22, RBR40 prior to 2.7.3.22, and RBS40 prior to 2.7.3.22", sources: [ { db: "NVD", id: "CVE-2021-45548", }, { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "VULMON", id: "CVE-2021-45548", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-45548", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2021-017289", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202112-2364", trust: 0.6, }, { db: "VULMON", id: "CVE-2021-45548", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2021-45548", }, { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "NVD", id: "CVE-2021-45548", }, { db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, id: "VAR-202112-2400", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.4604951619047619, }, last_update_date: "2023-12-18T13:42:20.027000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Command Injection on Some Routers, Extenders, and WiFi Systems, PSV-2019-0207", trust: 0.8, url: "https://kb.netgear.com/000064450/security-advisory-for-post-authentication-command-injection-on-some-routers-extenders-and-wifi-systems-psv-2019-0207", }, { title: "Netgear NETGEAR Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=176377", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-77", trust: 1, }, { problemtype: "Command injection (CWE-77) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "NVD", id: "CVE-2021-45548", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "https://kb.netgear.com/000064450/security-advisory-for-post-authentication-command-injection-on-some-routers-extenders-and-wifi-systems-psv-2019-0207", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45548", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2021-45548", }, { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "NVD", id: "CVE-2021-45548", }, { db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2021-45548", }, { db: "JVNDB", id: "JVNDB-2021-017289", }, { db: "NVD", id: "CVE-2021-45548", }, { db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-26T00:00:00", db: "VULMON", id: "CVE-2021-45548", }, { date: "2023-01-13T00:00:00", db: "JVNDB", id: "JVNDB-2021-017289", }, { date: "2021-12-26T01:15:15.273000", db: "NVD", id: "CVE-2021-45548", }, { date: "2021-12-26T00:00:00", db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-27T00:00:00", db: "VULMON", id: "CVE-2021-45548", }, { date: "2023-01-13T05:03:00", db: "JVNDB", id: "JVNDB-2021-017289", }, { date: "2022-01-10T16:06:32.407000", db: "NVD", id: "CVE-2021-45548", }, { date: "2022-01-11T00:00:00", db: "CNNVD", id: "CNNVD-202112-2364", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202112-2364", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Command injection vulnerability in device", sources: [ { db: "JVNDB", id: "JVNDB-2021-017289", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202112-2364", }, ], trust: 0.6, }, }
var-202004-0797
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0797", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.52", }, { model: "r9000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.26", }, { model: "ex8000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.180", }, { model: "dm200", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.61", }, { model: "d6100", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.60", }, { model: "r8900", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.26", }, { model: "ex2700", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.48", }, { model: "wn2000rpt", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.32", }, { model: "wndr4500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "ex6100", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.76", }, { model: "wn3100rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.66", }, { model: "ex6150", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.76", }, { model: "wndr4300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "wnr2000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "ex6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.72", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.70", }, { model: "d6100", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.60", }, { model: "dm200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.61", }, { model: "ex2700", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.48", }, { model: "ex6100", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.76", }, { model: "ex6150", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.76", }, { model: "ex6200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.72", }, { model: "ex8000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.180", }, { model: "r7800", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.52", }, { model: "r8900", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.4.26", }, { model: "r9000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.4.26", }, { model: "ex6100v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.76", }, { model: "ex6150v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.76", }, { model: "wn2000rptv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.32", }, { model: "wn3000rpv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.2.70", }, { model: "wn3100rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.66", }, { model: "wn3000rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, { model: "wndr4300v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "wndr4500v3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "wnr2000v5", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, { model: "ex6200v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.72", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "NVD", id: "CVE-2019-20751", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.48", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.180", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-20751", }, ], }, cve: "CVE-2019-20751", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 5.2, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2019-015366", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, id: "CNVD-2021-66985", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 6.8, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2019-015366", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-20751", trust: 1, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2019-20751", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2019-015366", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2021-66985", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202004-1362", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "NVD", id: "CVE-2019-20751", }, { db: "NVD", id: "CVE-2019-20751", }, { db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.26, R9000 before 1.0.4.26, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.66, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, and WNR2000v5 before 1.0.0.68. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow, etc", sources: [ { db: "NVD", id: "CVE-2019-20751", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "CNVD", id: "CNVD-2021-66985", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-20751", trust: 3, }, { db: "JVNDB", id: "JVNDB-2019-015366", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-66985", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202004-1362", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "NVD", id: "CVE-2019-20751", }, { db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, id: "VAR-202004-0797", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, ], trust: 1.2306787505, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, ], }, last_update_date: "2023-12-18T14:00:32.721000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Stack Overflow on Some Extenders, Gateways, and Routers, PSV-2018-0171", trust: 0.8, url: "https://kb.netgear.com/000060964/security-advisory-for-post-authentication-stack-overflow-on-some-extenders-gateways-and-routers-psv-2018-0171", }, { title: "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-66985)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/288721", }, { title: "Multiple NETGEAR Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=115006", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "NVD", id: "CVE-2019-20751", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20751", }, { trust: 1.6, url: "https://kb.netgear.com/000060964/security-advisory-for-post-authentication-stack-overflow-on-some-extenders-gateways-and-routers-psv-2018-0171", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20751", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-66985", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "NVD", id: "CVE-2019-20751", }, { db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-66985", }, { db: "JVNDB", id: "JVNDB-2019-015366", }, { db: "NVD", id: "CVE-2019-20751", }, { db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-08-31T00:00:00", db: "CNVD", id: "CNVD-2021-66985", }, { date: "2020-05-14T00:00:00", db: "JVNDB", id: "JVNDB-2019-015366", }, { date: "2020-04-16T21:15:13.067000", db: "NVD", id: "CVE-2019-20751", }, { date: "2020-04-16T00:00:00", db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-31T00:00:00", db: "CNVD", id: "CNVD-2021-66985", }, { date: "2020-05-14T00:00:00", db: "JVNDB", id: "JVNDB-2019-015366", }, { date: "2020-04-21T19:31:17.447000", db: "NVD", id: "CVE-2019-20751", }, { date: "2020-04-26T00:00:00", db: "CNNVD", id: "CNNVD-202004-1362", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202004-1362", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Out-of-bounds write vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2019-015366", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202004-1362", }, ], trust: 0.6, }, }
var-202012-1181
Vulnerability from variot
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1181", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.68", }, { model: "d7800", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.56", }, { model: "rbk50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "wn3000rpv2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "rbr40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbk40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbs40", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbr50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbs20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.26", }, { model: "rbs50", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.30", }, { model: "rbk22", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.26", }, { model: "rbr20", scope: "lt", trust: 1, vendor: "netgear", version: "2.3.5.26", }, { model: "r7500v2", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.3.46", }, { model: "rax120", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.78", }, { model: "rax120", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbr40", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk40", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbk22", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs20", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "rbs40", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7500v2", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "d7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, { model: "r7800", scope: null, trust: 0.8, vendor: "ネットギア", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "NVD", id: "CVE-2020-35806", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.3.46", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk22_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk22:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2020-35806", }, ], }, cve: "CVE-2020-35806", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", exploitabilityScore: 6.8, impactScore: 2.9, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "None", baseScore: 3.5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2020-35806", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Low", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 1.7, impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "LOCAL", author: "cve@mitre.org", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.8, impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 4.8, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2020-35806", impactScore: null, integrityImpact: "Low", privilegesRequired: "High", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2020-35806", trust: 1.8, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2020-35806", trust: 1, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202012-1794", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "NVD", id: "CVE-2020-35806", }, { db: "NVD", id: "CVE-2020-35806", }, { db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78. plural NETGEAR A cross-site scripting vulnerability exists in the device.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2020-35806", }, { db: "JVNDB", id: "JVNDB-2020-014996", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-35806", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-014996", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202012-1794", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "NVD", id: "CVE-2020-35806", }, { db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, id: "VAR-202012-1181", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3915963138461539, }, last_update_date: "2023-12-18T14:04:30.582000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Stored Cross Site Scripting on Some Routers and Orbi WiFi Systems, PSV-2018-0539", trust: 0.8, url: "https://kb.netgear.com/000062729/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-orbi-wifi-systems-psv-2018-0539", }, { title: "Certain NETGEAR devices Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=138163", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "NVD", id: "CVE-2020-35806", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://kb.netgear.com/000062729/security-advisory-for-stored-cross-site-scripting-on-some-routers-and-orbi-wifi-systems-psv-2018-0539", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35806", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "NVD", id: "CVE-2020-35806", }, { db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, { db: "NVD", id: "CVE-2020-35806", }, { db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T00:00:00", db: "JVNDB", id: "JVNDB-2020-014996", }, { date: "2020-12-30T00:15:14.737000", db: "NVD", id: "CVE-2020-35806", }, { date: "2020-12-29T00:00:00", db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-09-07T08:54:00", db: "JVNDB", id: "JVNDB-2020-014996", }, { date: "2021-01-04T15:48:43.207000", db: "NVD", id: "CVE-2020-35806", }, { date: "2021-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202012-1794", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202012-1794", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Cross-site scripting vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2020-014996", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202012-1794", }, ], trust: 0.6, }, }
var-202004-0785
Vulnerability from variot
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-0785", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "r7800", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.52", }, { model: "xr500", scope: "lt", trust: 1.6, vendor: "netgear", version: "2.3.2.32", }, { model: "r8900", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.2", }, { model: "d3600", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.75", }, { model: "d6000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.75", }, { model: "ex8000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.180", }, { model: "d6100", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.63", }, { model: "dm200", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.0.58", }, { model: "r9000", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.4.2", }, { model: "ex7300", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.136", }, { model: "ex6400", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.2.136", }, { model: "ex2700", scope: "lt", trust: 1.6, vendor: "netgear", version: "1.0.1.48", }, { model: "wn2000rpt", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.32", }, { model: "ex6100", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.76", }, { model: "wn3100rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.60", }, { model: "wnr2000", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "wndr4500", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "ex6150", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.76", }, { model: "wndr4300", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.58", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.0.68", }, { model: "ex6200", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.1.72", }, { model: "wn3000rp", scope: "lt", trust: 1, vendor: "netgear", version: "1.0.2.70", }, { model: "d3600", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.75", }, { model: "d6000", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.75", }, { model: "d6100", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.63", }, { model: "dm200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.0.58", }, { model: "ex2700", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.48", }, { model: "ex6100", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.76", }, { model: "ex6150", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.76", }, { model: "ex6200", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.1.72", }, { model: "ex6400", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.136", }, { model: "ex7300", scope: "eq", trust: 0.8, vendor: "netgear", version: "1.0.2.136", }, { model: "ex6100v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.76", }, { model: "ex6150v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.76", }, { model: "wn2000rptv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.32", }, { model: "wn3000rpv3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.2.70", }, { model: "wn3000rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, { model: "wn3100rpv2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.60", }, { model: "wndr4300v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "wndr4500v3", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.58", }, { model: "wnr2000v5", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.0.68", }, { model: "ex6200v2", scope: "lt", trust: 0.6, vendor: "netgear", version: "1.0.1.72", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "NVD", id: "CVE-2019-20723", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.75", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.75", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.63", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.48", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.72", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.136", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.136", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.180", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.52", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.4.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn2000rpt_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.1.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn2000rpt:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3000rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.2.70", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3000rp:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wn3100rp_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.60", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wn3100rp:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4300_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4300:v2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wndr4500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wndr4500:v3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:wnr2000_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:wnr2000:v5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.3.2.32", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-20723", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "aircut", sources: [ { db: "CNNVD", id: "CNNVD-202004-1307", }, ], trust: 0.6, }, cve: "CVE-2019-20723", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Adjacent Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 5.2, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2019-015409", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", exploitabilityScore: 5.1, id: "CNVD-2021-61056", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "NVD", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", author: "cve@mitre.org", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 0.9, impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Adjacent Network", author: "NVD", availabilityImpact: "High", baseScore: 6.8, baseSeverity: "Medium", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2019-015409", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-20723", trust: 1, value: "MEDIUM", }, { author: "cve@mitre.org", id: "CVE-2019-20723", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2019-015409", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2021-61056", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202004-1307", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "NVD", id: "CVE-2019-20723", }, { db: "NVD", id: "CVE-2019-20723", }, { db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3000RPv3 before 1.0.2.70, WN3100RPv2 before 1.0.0.60, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R8900, etc. are all wireless routers from NETGEAR. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow", sources: [ { db: "NVD", id: "CVE-2019-20723", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "CNVD", id: "CNVD-2021-61056", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-20723", trust: 3, }, { db: "JVNDB", id: "JVNDB-2019-015409", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-61056", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202004-1307", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "NVD", id: "CVE-2019-20723", }, { db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, id: "VAR-202004-0785", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, ], trust: 1.1869504833333333, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, ], }, last_update_date: "2023-12-18T13:07:38.346000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Security Advisory for Post-Authentication Stack Overflow on Some Routers, Gateways, and Extenders, PSV-2018-0146", trust: 0.8, url: "https://kb.netgear.com/000061205/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2018-0146", }, { title: "Patch for Buffer overflow vulnerabilities in multiple NETGEAR products (CNVD-2021-61056)", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/285371", }, { title: "Multiple NETGEAR Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=114817", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "NVD", id: "CVE-2019-20723", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20723", }, { trust: 1.6, url: "https://kb.netgear.com/000061205/security-advisory-for-post-authentication-stack-overflow-on-some-routers-gateways-and-extenders-psv-2018-0146", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20723", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-61056", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "NVD", id: "CVE-2019-20723", }, { db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-61056", }, { db: "JVNDB", id: "JVNDB-2019-015409", }, { db: "NVD", id: "CVE-2019-20723", }, { db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-11T00:00:00", db: "CNVD", id: "CNVD-2021-61056", }, { date: "2020-05-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-015409", }, { date: "2020-04-16T19:15:25.337000", db: "NVD", id: "CVE-2019-20723", }, { date: "2020-04-16T00:00:00", db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-08-11T00:00:00", db: "CNVD", id: "CNVD-2021-61056", }, { date: "2020-05-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-015409", }, { date: "2020-04-22T21:01:03.557000", db: "NVD", id: "CVE-2019-20723", }, { date: "2020-04-26T00:00:00", db: "CNNVD", id: "CNNVD-202004-1307", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote or local", sources: [ { db: "CNNVD", id: "CNNVD-202004-1307", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural NETGEAR Out-of-bounds write vulnerabilities in devices", sources: [ { db: "JVNDB", id: "JVNDB-2019-015409", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202004-1307", }, ], trust: 0.6, }, }
cve-2021-45602
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:38:46", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45602", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", refsource: "MISC", url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { name: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", refsource: "MISC", url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45602", datePublished: "2021-12-26T00:38:46", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.867Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35808
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:L/PR:H/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:36:56", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35808", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "NONE", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:L/PR:H/S:C/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158", refsource: "MISC", url: "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35808", datePublished: "2020-12-29T23:36:56", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.189Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26913
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.712Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-10-09T06:30:57", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26913", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140", refsource: "MISC", url: "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26913", datePublished: "2020-10-09T06:30:57", dateReserved: "2020-10-09T00:00:00", dateUpdated: "2024-08-04T16:03:22.712Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35799
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.219Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:38:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35799", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296", refsource: "MISC", url: "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35799", datePublished: "2020-12-29T23:38:28", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.219Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35807
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.184Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:N/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:37:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35807", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:N/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557", refsource: "MISC", url: "https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35807", datePublished: "2020-12-29T23:37:04", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.184Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35806
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:15.248Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:N/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-29T23:37:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35806", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:N/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539", refsource: "MISC", url: "https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35806", datePublished: "2020-12-29T23:37:12", dateReserved: "2020-12-29T00:00:00", dateUpdated: "2024-08-04T17:09:15.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45641
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.737Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:L/PR:L/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:30:55", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45641", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT", availabilityImpact: "NONE", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:A/A:N/C:L/I:L/PR:L/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624", refsource: "MISC", url: "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45641", datePublished: "2021-12-26T00:30:55", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.737Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45603
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:00.858Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:38:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45603", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", refsource: "MISC", url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { name: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", refsource: "MISC", url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45603", datePublished: "2021-12-26T00:38:30", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:00.858Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45640
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.875Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:L/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:31:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45640", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "ADJACENT", availabilityImpact: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:H/AV:A/A:L/C:L/I:L/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228", refsource: "MISC", url: "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45640", datePublished: "2021-12-26T00:31:04", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.875Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45548
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:21.551Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:52:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45548", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:H/PR:H/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", refsource: "MISC", url: "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45548", datePublished: "2021-12-26T00:52:37", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:39:21.551Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45658
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:47:01.959Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:N/C:H/I:H/PR:L/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-26T00:27:48", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45658", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:L/A:N/C:H/I:H/PR:L/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125", refsource: "MISC", url: "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45658", datePublished: "2021-12-26T00:27:48", dateReserved: "2021-12-25T00:00:00", dateUpdated: "2024-08-04T04:47:01.959Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C8A5E09-861A-4C5F-8C0A-96803782E9EF", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", matchCriteriaId: "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33C16A69-C930-4DA3-8750-EB50F2827731", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FCEBCD7-1D0D-47F6-BC72-A53BFBF3662D", versionEndExcluding: "1.1.00.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", matchCriteriaId: "00E6A1B7-4732-4259-9B71-10FF0B56A16B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B185396-F010-45EF-B533-0AD61C095273", versionEndExcluding: "1.0.0.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58E68C65-9685-40E8-8D51-6C922232168B", versionEndExcluding: "1.0.0.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F5A909-D848-494E-9EB9-B794515372E2", versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AF04B65B-9685-4595-9C71-0F77AD7109BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "80764A3F-A007-44A8-A43C-55C918B5BBA5", versionEndExcluding: "1.0.0.53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C329B7CB-1281-480D-BDDB-E222044D715E", versionEndExcluding: "1.0.3.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDF9C0E1-7128-4052-B05E-3DD3394208A0", versionEndExcluding: "1.0.0.42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4B3A29A-7C13-4B36-B14A-A7B6243F8034", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*", matchCriteriaId: "0BE59214-C8A1-4337-A54C-E4E8C149B241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200bv4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1406A926-8DBA-43B3-A0D7-BF4C9F991FDB", versionEndExcluding: "1.0.0.109", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200bv4:-:*:*:*:*:*:*:*", matchCriteriaId: "9C78A475-9DDF-432B-A94A-01EFAC7DC70D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B27650A-B7FE-41E4-8231-9283CC7B8349", versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0864CF6F-C025-44FE-B00F-83E14ACE1F8F", versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B760484C-0D85-49BF-AA5D-2DB0A3A5D7E6", versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D508F3C7-5A18-4983-8A30-755EA1F99DC5", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18C88DDC-92C2-400E-8269-88A0EA65A98A", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2263B13-89CF-475E-ABE0-062783D924F7", versionEndExcluding: "1.0.1.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50E2E26A-200E-4D00-9657-034EACE3944F", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", matchCriteriaId: "2451CC0C-71B2-474D-93F0-2B2ACD802FE3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79B24229-6AC2-489D-B542-4DAA7E630180", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", matchCriteriaId: "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B5B842D-2275-4968-997B-A70A67CBDBEC", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", matchCriteriaId: "C91CADFA-59DB-4B6C-A914-848884F4A4BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1DD1F7D-7556-4B95-A33F-E389948D20AA", versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34450066-658C-49CC-A853-2FA99ACAB205", versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7909744D-FE9B-49D1-ADB3-029CCC432A47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BF91E85-8869-4421-8748-C7856C06435B", versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D075FD21-C022-4246-8465-4EF79BADD29C", versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6", versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", matchCriteriaId: "21B27F11-4262-4CE1-8107-B365A7C152F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2D295754-5385-48CF-B354-3D3E5C53B1B2", versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB97877-F16D-4A9F-A130-9623A92C28DE", versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", matchCriteriaId: "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E453D3AE-A218-4791-BB19-79C2CF6EC6F8", versionEndExcluding: "1.0.9.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0870C337-6BCE-4197-A9DE-6CED2B45AD58", versionEndExcluding: "1.0.0.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9F6D3F1-4064-4CAD-85D4-E1B2E72B440C", versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F1F914AD-70DC-47F5-A2F7-672DBE89C62E", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "448D7EA1-A7BB-4AA5-8260-1D533D6A99AC", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CC5263E-71E4-4B63-AD77-D1E72DC704B0", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA9F2B44-4114-495A-B200-B703FDFC3F8F", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1525B9D0-B147-437D-ACAE-58819A1F4FC6", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D130E198-E9F5-4250-9C52-E39DF5C96711", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A25B8627-D325-493B-8B7D-4F900334F0D8", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4515F985-B714-480C-8FBA-2499A29F29FA", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08426AC6-4811-43E8-87EB-204A2729C49B", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81ED6C61-2A7C-49EC-BD3D-466442EF715C", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D1EF946-5FEF-4DD7-8567-CB435FAA41E2", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F024A464-DB7D-4F6E-A951-3D8068F86470", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C3B2795-B3B0-4709-B37B-46A713BCCABE", versionEndExcluding: "1.0.1.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*", matchCriteriaId: "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0141851-BE96-4F6A-883F-3B20AE6945C1", versionEndExcluding: "1.1.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", matchCriteriaId: "C2189628-03E7-445A-9EF2-656A85539115", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr3500lv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F667392E-F63E-4186-9BA3-7F9A4AA3EC67", versionEndExcluding: "1.2.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr3500lv2:-:*:*:*:*:*:*:*", matchCriteriaId: "FC3F6D58-D900-41B4-8626-58928866208A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7284BC09-A244-4F2F-A02A-34C0F5CA64EE", versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA9B22EF-5791-41DB-8CC1-A1B60CF4A73F", versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBK40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR20 before 2.3.0.28, RBR40 before 2.3.0.28, RBR50 before 2.3.0.32, RBS20 before 2.3.0.28, RBS40 before 2.3.0.28, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.56, and XR500 before 2.3.2.56.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una configuración incorrecta de los ajustes de seguridad. Esto afecta a D3600 versiones anteriores a 1.0.0.72, al D6000 versiones anteriores a 1.0.0.72, al D6200 versiones anteriores a 1.1.00.34, al D6220 versiones anteriores a 1.0.0.52, al D6400 versiones anteriores a 1.0.0.86, a D7000 versiones anteriores a 1.0.1.74, a D7000v2 versiones anteriores a 1.0.0.53, a D7800 versiones anteriores a 1.0.0.53. 0.0.53, D7800 versiones anteriores a 1.0.1.56, D8500 versiones anteriores a 1.0.3.44, DC112A versiones anteriores a 1.0.0.42, DGN2200v4 versiones anteriores a 1.0.0.110, DGND2200Bv4 versiones anteriores a 1.0.0.109, DM200 versiones anteriores a 1. 0.0.61, EX3700 versiones anteriores a 1.0.0.76, EX3800 versiones anteriores a 1.0.0.76, EX6120 versiones anteriores a 1.0.0.46, EX6130 versiones anteriores a 1.0.0.28, EX7000 versiones anteriores a 1.0.1.78, PR2000 versiones anteriores a 1.0.0. 28, R6220 versiones anteriores a 1.1.0.100, R6230 versiones anteriores a 1.1.0.100, R6250 versiones anteriores a 1.0.4.34, R6300v2 versiones anteriores a 1.0.4.34, R6400 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.66, R6700 versiones anteriores a 1. 0.2.6, R6700v3 versiones anteriores a 1.0.2.66, R6900 versiones anteriores a 1.0.2.6, R7000 versiones anteriores a 1.0.9.34, R7100LG versiones anteriores a 1.0.0.50, R7500v2 versiones anteriores a 1.0.3.40, R7900P versiones anteriores a 1.4.1. 50, R8000P versiones anteriores a 1.4.1.50, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12, RBK20 versiones anteriores a 2.3.0.28, RBK40 versiones anteriores a 2.3.0.28, RBK50 versiones anteriores a 2.3.0.32, RBR20 versiones anteriores a 2. 3.0.28, RBR40 versiones anteriores a 2.3.0.28, RBR50 versiones anteriores a 2.3.0.32, RBS20 versiones anteriores a 2.3.0.28, RBS40 versiones anteriores a 2.3.0.28, RBS50 versiones anteriores a 2.3.0.32, WN3000RPv2 versiones anteriores a 1.0.0. 78, WNDR3400v3 versiones anteriores a 1.0.1.24, WNR2000v5 versiones anteriores a 1.0.0.70, WNR2020 versiones anteriores a 1.1.0.62, WNR3500Lv2 versiones anteriores a 1.2.0.62, XR450 versiones anteriores a 2.3.2.56 y XR500 versiones anteriores a 2.3.2.56", }, ], id: "CVE-2021-45640", lastModified: "2024-11-21T06:32:45.090", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.4, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.643", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064045/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0228", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", versionEndExcluding: "1.0.1.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFD91F26-5253-4A05-AB69-94CB2C416F83", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB07B26-FD18-4023-A143-E890076FF68A", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5AC48A9A-9B6B-4E46-A022-958939EB2827", versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5828F04B-E373-4E4F-942D-08CCA038418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "033E6FD3-A903-438D-88B2-F6AF7B2ECBCE", versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2141AE0A-18CB-4142-A850-B2153DAEE5A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DB1C84E8-B947-4850-9D66-E306557DC316", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", matchCriteriaId: "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C515A99-8AC2-404F-BD64-9043C72EC4EC", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", matchCriteriaId: "1289BBB4-1955-46A4-B5FE-BF11153C24F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "22C5E2C9-E8DA-478A-B3B1-2C0038B5D560", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5882095F-B22A-4937-BA08-6640140F10AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0DD3A7D2-75CE-4C67-AAE2-75F09653DFA7", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", matchCriteriaId: "C63267D8-4632-4D14-B39C-BEEC62AD8F87", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "270D7E5A-4680-4F01-ADBA-8A8B7368CBAA", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", matchCriteriaId: "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC45DE2E-BC27-4710-A237-1EFB4CD06299", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", matchCriteriaId: "F285D60D-A5DA-4467-8F79-15EF8135D007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3B1295F-3207-4DF4-BA5B-0DE7AB289636", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "0A88D2A3-3B22-4639-94E9-69CE80F37392", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0EE4BFF4-42DA-4A09-892E-6FBBE72B28A6", versionEndExcluding: "1.0.0.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", matchCriteriaId: "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "801B6E47-327F-4C7F-B3BD-CC08F94B19AC", versionEndExcluding: "1.0.3.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C393DBF4-8281-4611-B591-CDB9DF0AA958", versionEndExcluding: "1.0.2.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "617156D5-63CB-4533-A816-C7FCA2F1C0EF", versionEndExcluding: "1.0.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3A5762A-D32D-459B-B6CE-C54F8704BDEF", versionEndExcluding: "1.0.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9B47F077-65E9-4971-975A-357B6CD4017F", versionEndExcluding: "1.0.1.128", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29D544D2-5FF5-4C86-94A9-5562B277ABDC", versionEndExcluding: "1.0.2.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", matchCriteriaId: "958243A2-6829-464F-80EA-7DD5B6F0DD7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E158EE92-A472-447D-BFFE-F2A74674326F", versionEndExcluding: "1.0.0.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F024A464-DB7D-4F6E-A951-3D8068F86470", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0BCFB551-95C6-4EEF-83F0-4246F67E6668", versionEndExcluding: "2.3.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A4021DFA-AEBD-4C6C-9793-48171990F8B3", versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E0AC598-D991-49E0-86ED-4ABF0E42E504", versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3C936668-6B8C-4497-A5A3-7C4B6CADB09B", versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CA096BE4-3AE5-4AEA-B4C4-359D3A0C7F1E", versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1FD3226E-1B9D-420E-AD7B-7D1DDC867D3F", versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "40435599-FC79-4563-BF8B-BB1F84BDA82D", versionEndExcluding: "2.7.3.22", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.60, DM200 versiones anteriores a 1.0.0.66, EX2700 versiones anteriores a 1.0.1.56, EX6150v2 versiones anteriores a 1.0.1.86, EX6200v2 versiones anteriores a 1.0.1.86, EX6250 versiones anteriores a 1.0.0.128, EX6400 versiones anteriores a 1.0. 2.144, EX6400v2 versiones anteriores a 1.0.0.128, EX6410 versiones anteriores a 1.0.0.128, EX6420 versiones anteriores a 1.0.0.128, EX7300 versiones anteriores a 1.0.2.144, EX7300v2 versiones anteriores a 1.0.0.128, EX7320 versiones anteriores a 1.0.0.128, R7500v2 versiones anteriores a 1. 0.3.46, R7800 versiones anteriores a 1.0.2.74, R8900 versiones anteriores a 1.0.5.26, R9000 versiones anteriores a 1.0.5.2, RAX120 versiones anteriores a 1.0.1.128, WN3000RPv2 versiones anteriores a 1.0.0.78, WN3000RPv3 versiones anteriores a 1.0.2.80, WNR2000v5 versiones anteriores a 1. 0.0.74, XR500 versiones anteriores a 2.3.2.66, RBK20 versiones anteriores a 2.7.3.22, RBR20 versiones anteriores a 2.7.3.22, RBS20 versiones anteriores a 2.7.3.22, RBK40 versiones anteriores a 2.7.3.22, RBR40 versiones anteriores a 2.7.3.22 y RBS40 versiones anteriores a 2.7.3.22", }, ], id: "CVE-2021-45548", lastModified: "2024-11-21T06:32:29.167", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.5, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:15.273", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vendor | Product | Version | |
---|---|---|---|
netgear | d7800_firmware | * | |
netgear | d7800 | - | |
netgear | ex2700_firmware | * | |
netgear | ex2700 | - | |
netgear | wn3000rpv2_firmware | * | |
netgear | wn3000rpv2 | - | |
netgear | wn3000rpv3_firmware | * | |
netgear | wn3000rpv3 | - | |
netgear | lbr1020_firmware | * | |
netgear | lbr1020 | - | |
netgear | lbr20_firmware | * | |
netgear | lbr20 | - | |
netgear | r6700ax_firmware | * | |
netgear | r6700ax | - | |
netgear | r7800_firmware | * | |
netgear | r7800 | - | |
netgear | r8900_firmware | * | |
netgear | r8900 | - | |
netgear | r9000_firmware | * | |
netgear | r9000 | - | |
netgear | rax10_firmware | * | |
netgear | rax10 | - | |
netgear | rax120v1_firmware | * | |
netgear | rax120v1 | - | |
netgear | rax120v2_firmware | * | |
netgear | rax120v2 | - | |
netgear | rax70_firmware | * | |
netgear | rax70 | - | |
netgear | rax78_firmware | * | |
netgear | rax78 | - | |
netgear | xr450_firmware | * | |
netgear | xr450 | - | |
netgear | xr500_firmware | * | |
netgear | xr500 | - | |
netgear | xr700_firmware | * | |
netgear | xr700 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EBB7728E-4535-4A67-9F8F-3CD4FE29C4A9", versionEndExcluding: "1.0.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "110B4669-7AA6-4444-BFEF-9F7DF5C40D0B", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A7305D0F-6995-411B-BDF6-106102C717AB", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C0758E-2793-4342-AEA0-DA7F49C4A38E", versionEndExcluding: "1.0.2.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", matchCriteriaId: "958243A2-6829-464F-80EA-7DD5B6F0DD7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05E6F6DD-5CC6-426B-92F5-34B9A8525810", versionEndExcluding: "2.6.5.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*", matchCriteriaId: "953F0743-4B34-4CE9-815E-D87253720CBE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AAD88A5-E90E-4A96-BE01-DF14ADC44881", versionEndExcluding: "2.6.5.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C65624DD-9DDF-4167-89D9-8629587082A6", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*", matchCriteriaId: "F9B37178-0C67-4EF0-A9B8-5BB5B9DBFB8F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76FAB8C7-79BA-4592-AF47-198D3EE48DCF", versionEndExcluding: "1.0.2.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13593203-FB80-4BDA-96CC-AAE5C33E560A", versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D90EEE2-4D7C-46ED-9DF4-C232F30D97ED", versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB930C5E-4232-4212-AFEB-A4D0904F2B22", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*", matchCriteriaId: "1742F1BB-3D78-4E5E-9479-6614A56B4700", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120v1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E370208B-8A35-4F76-8C79-BD5F1ABECA4D", versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120v1:-:*:*:*:*:*:*:*", matchCriteriaId: "774148F4-42EA-4F2A-98AB-1511DAB5774A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91CED146-E9DC-4F73-A2CF-A6D78F29D0F7", versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120v2:-:*:*:*:*:*:*:*", matchCriteriaId: "50D741E6-43F9-4BDC-B1A4-281AC73A7C19", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE615E08-904D-4DD5-835F-CE48B6D87650", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*", matchCriteriaId: "AE1314C3-4950-4F5A-9900-789710CE7F98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A4940E3E-2320-4B73-B5DB-DDB7BE410EF0", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*", matchCriteriaId: "EABDFEEF-228C-429E-9B80-B6A0CA7D5AA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EC1DFC6-B5A7-486B-BD50-BB79B3FF368A", versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E50B1D80-6C4A-488D-8CAC-638DFFE23E6F", versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3539C94-0B31-48FC-A432-3DC3E4E0CBBC", versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", matchCriteriaId: "E12892C8-5E01-49A6-BF47-09D630377093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una divulgación de información confidencial. Una petición UPnP revela el número de serie de un dispositivo, que puede ser usado para restablecer la contraseña. Esto afecta a D7800 versiones anteriores a 1.0.1.66, a EX2700 versiones anteriores a 1.0.1.68, al WN3000RPv2 versiones anteriores a 1.0.0.90, al WN3000RPv3 versiones anteriores a 1.0.2.100, a LBR1020 versiones anteriores a 2.6.5.20, a LBR20 versiones anteriores a 2.6.5.32, a R6700AX versiones anteriores a 1.0.10.110, a R7800 versiones anteriores a 1.0.2.86, a R8900 versiones anteriores a 1. 0.5.38, R9000 versiones anteriores a 1.0.5.38, RAX10 versiones anteriores a 1.0.10.110, RAX120v1 versiones anteriores a 1.2.3.28, RAX120v2 versiones anteriores a 1.2.3.28, RAX70 versiones anteriores a 1.0.10.110, RAX78 versiones anteriores a 1.0.10.110, XR450 versiones anteriores a 2.3.2.130, XR500 versiones anteriores a 2.3.2.130 y XR700 versiones anteriores a 1.0.1.46", }, ], id: "CVE-2021-45603", lastModified: "2024-11-21T06:32:38.527", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.853", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C8A5E09-861A-4C5F-8C0A-96803782E9EF", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", matchCriteriaId: "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33C16A69-C930-4DA3-8750-EB50F2827731", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9FCEBCD7-1D0D-47F6-BC72-A53BFBF3662D", versionEndExcluding: "1.1.00.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", matchCriteriaId: "00E6A1B7-4732-4259-9B71-10FF0B56A16B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4B185396-F010-45EF-B533-0AD61C095273", versionEndExcluding: "1.0.0.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*", matchCriteriaId: "F3EEA190-2E9C-4586-BF81-B115532FBA23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "58E68C65-9685-40E8-8D51-6C922232168B", versionEndExcluding: "1.0.0.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*", matchCriteriaId: "7D30939B-86E3-4C78-9B05-686B4994C8B9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53F5A909-D848-494E-9EB9-B794515372E2", versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AF04B65B-9685-4595-9C71-0F77AD7109BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "80764A3F-A007-44A8-A43C-55C918B5BBA5", versionEndExcluding: "1.0.0.53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000v2:-:*:*:*:*:*:*:*", matchCriteriaId: "6DC6BD34-1A2C-4247-A20C-0B44C0F56E0F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d8500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C329B7CB-1281-480D-BDDB-E222044D715E", versionEndExcluding: "1.0.3.44", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*", matchCriteriaId: "814A0114-9A1D-4EA0-9AF4-6968514E4F01", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dc112a_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FDF9C0E1-7128-4052-B05E-3DD3394208A0", versionEndExcluding: "1.0.0.42", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dc112a:-:*:*:*:*:*:*:*", matchCriteriaId: "F87FFC46-137D-45B8-B437-F15565FB33D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200v4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D4B3A29A-7C13-4B36-B14A-A7B6243F8034", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200v4:-:*:*:*:*:*:*:*", matchCriteriaId: "0BE59214-C8A1-4337-A54C-E4E8C149B241", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dgn2200bv4_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1406A926-8DBA-43B3-A0D7-BF4C9F991FDB", versionEndExcluding: "1.0.0.109", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dgn2200bv4:-:*:*:*:*:*:*:*", matchCriteriaId: "9C78A475-9DDF-432B-A94A-01EFAC7DC70D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B27650A-B7FE-41E4-8231-9283CC7B8349", versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0864CF6F-C025-44FE-B00F-83E14ACE1F8F", versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*", matchCriteriaId: "CDAA5899-B73C-4690-853E-B5400F034BE1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B760484C-0D85-49BF-AA5D-2DB0A3A5D7E6", versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*", matchCriteriaId: "CC5488D9-651C-4BAB-A141-06B816690D42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D508F3C7-5A18-4983-8A30-755EA1F99DC5", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*", matchCriteriaId: "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "18C88DDC-92C2-400E-8269-88A0EA65A98A", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*", matchCriteriaId: "305E295C-9C73-4798-A0BE-7973E1EE5EAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2263B13-89CF-475E-ABE0-062783D924F7", versionEndExcluding: "1.0.1.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*", matchCriteriaId: "9F45B620-60B8-40F3-A055-181ADD71EFFF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50E2E26A-200E-4D00-9657-034EACE3944F", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", matchCriteriaId: "2451CC0C-71B2-474D-93F0-2B2ACD802FE3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "79B24229-6AC2-489D-B542-4DAA7E630180", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", matchCriteriaId: "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B5B842D-2275-4968-997B-A70A67CBDBEC", versionEndExcluding: "1.1.0.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", matchCriteriaId: "C91CADFA-59DB-4B6C-A914-848884F4A4BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1DD1F7D-7556-4B95-A33F-E389948D20AA", versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*", matchCriteriaId: "321BE843-52C4-4638-A321-439CA7B3A6F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "34450066-658C-49CC-A853-2FA99ACAB205", versionEndExcluding: "1.0.4.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "7909744D-FE9B-49D1-ADB3-029CCC432A47", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8BF91E85-8869-4421-8748-C7856C06435B", versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*", matchCriteriaId: "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D075FD21-C022-4246-8465-4EF79BADD29C", versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "AFE6B3A8-0601-44EA-AD9B-3BDDE6654FDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AD6FD0FE-1431-4E39-8D07-B4AFE5BDB1B6", versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", matchCriteriaId: "21B27F11-4262-4CE1-8107-B365A7C152F2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2D295754-5385-48CF-B354-3D3E5C53B1B2", versionEndExcluding: "1.0.2.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v3:-:*:*:*:*:*:*:*", matchCriteriaId: "C88DA385-5FAE-49EC-80D6-78F81E7EEC16", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5BB97877-F16D-4A9F-A130-9623A92C28DE", versionEndExcluding: "1.0.2.6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*", matchCriteriaId: "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E453D3AE-A218-4791-BB19-79C2CF6EC6F8", versionEndExcluding: "1.0.9.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*", matchCriteriaId: "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0870C337-6BCE-4197-A9DE-6CED2B45AD58", versionEndExcluding: "1.0.0.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*", matchCriteriaId: "366FA778-3C2A-42AF-9141-DAD7043B406C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9F6D3F1-4064-4CAD-85D4-E1B2E72B440C", versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*", matchCriteriaId: "F3D6A70D-66AF-4064-9F1B-4358D4B1F016", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8", versionEndExcluding: "1.4.1.50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*", matchCriteriaId: "F7EF872D-2537-4FEB-8799-499FC9D44339", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F1F914AD-70DC-47F5-A2F7-672DBE89C62E", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "448D7EA1-A7BB-4AA5-8260-1D533D6A99AC", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CC5263E-71E4-4B63-AD77-D1E72DC704B0", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA9F2B44-4114-495A-B200-B703FDFC3F8F", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1525B9D0-B147-437D-ACAE-58819A1F4FC6", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D130E198-E9F5-4250-9C52-E39DF5C96711", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A25B8627-D325-493B-8B7D-4F900334F0D8", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4515F985-B714-480C-8FBA-2499A29F29FA", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08426AC6-4811-43E8-87EB-204A2729C49B", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81ED6C61-2A7C-49EC-BD3D-466442EF715C", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D1EF946-5FEF-4DD7-8567-CB435FAA41E2", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F024A464-DB7D-4F6E-A951-3D8068F86470", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr3400v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C3B2795-B3B0-4709-B37B-46A713BCCABE", versionEndExcluding: "1.0.1.24", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr3400v3:-:*:*:*:*:*:*:*", matchCriteriaId: "37F227D8-332F-4D24-BAEA-AA5DB3E3EC95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0141851-BE96-4F6A-883F-3B20AE6945C1", versionEndExcluding: "1.1.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", matchCriteriaId: "C2189628-03E7-445A-9EF2-656A85539115", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA9B22EF-5791-41DB-8CC1-A1B60CF4A73F", versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 before 1.0.0.53, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200Bv4 before 1.0.0.109, DGN2200v4 before 1.0.0.110, DM200 before 1.0.0.61, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6120 before 1.0.0.46, EX6130 before 1.0.0.28, EX7000 before 1.0.1.78, PR2000 before 1.0.0.28, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6250 before 1.0.4.34, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R6700 before 1.0.2.6, R6900 before 1.0.2.6, R7000 before 1.0.9.34, R7100LG before 1.0.0.50, R7500v2 before 1.0.3.40, R7900P before 1.4.1.50, R8000P before 1.4.1.50, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN3000RPv2 before 1.0.0.78, WNDR3400v3 before 1.0.1.24, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.56.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una configuración incorrecta de los ajustes de seguridad. Esto afecta a D3600 versiones anteriores a 1.0.0.72, D6000 versiones anteriores a 1.0.0.72, D6200 versiones anteriores a 1.1.00.34, D6220 versiones anteriores a 1.0.0.52, D6400 versiones anteriores a 1.0.0.86, D7000 versiones anteriores a 1.0. 1.74, D7000v2 versiones anteriores a 1.0.0.53, D7800 versiones anteriores a 1.0.1.56, D8500 versiones anteriores a 1.0.3.44, DC112A versiones anteriores a 1.0.0.42, DGN2200Bv4 versiones anteriores a 1.0.0.109, DGN2200v4 versiones anteriores a 1. 0.0.110, DM200 versiones anteriores a 1.0.0.61, EX3700 versiones anteriores a 1.0.0.76, EX3800 versiones anteriores a 1.0.0.76, EX6120 versiones anteriores a 1.0.0.46, EX6130 versiones anteriores a 1.0.0.28, EX7000 versiones anteriores a 1. 0.1.78, PR2000 versiones anteriores a 1.0.0.28, R6220 versiones anteriores a 1.1.0.100, R6230 versiones anteriores a 1.1.0.100, R6250 versiones anteriores a 1.0.4.34, R6300v2 versiones anteriores a 1.0.4.34, R6400 versiones anteriores a 1.0.1. 46, R6400v2 versiones anteriores a 1.0.2.66, R6700v3 versiones anteriores a 1.0.2.66, R6700 versiones anteriores a 1.0.2.6, R6900 versiones anteriores a 1.0.2.6, R7000 versiones anteriores a 1.0.9.34, R7100LG versiones anteriores a 1.0.0. 50, R7500v2 versiones anteriores a 1.0.3.40, R7900P versiones anteriores a 1.4.1.50, R8000P versiones anteriores a 1.4.1.50, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12, RBK20 versiones anteriores a 2.3.0.28, RBR20 versiones anteriores a 2. 3.0.28, RBS20 versiones anteriores a 2.3.0.28, RBK40 versiones anteriores a 2.3.0.28, RBR40 versiones anteriores a 2.3.0.28, RBS40 versiones anteriores a 2.3.0.28, RBK50 versiones anteriores a 2.3.0.32, RBR50 versiones anteriores a 2.3.0. 32, RBS50 versiones anteriores a 2.3.0.32, WN3000RPv2 versiones anteriores a 1.0.0.78, WNDR3400v3 versiones anteriores a 1.0.1.24, WNR2000v5 versiones anteriores a 1.0.0.70, WNR2020 versiones anteriores a 1.1.0.62 y XR500 versiones anteriores a 2.3.2.56", }, ], id: "CVE-2021-45641", lastModified: "2024-11-21T06:32:45.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 2.5, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:19.690", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064053/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2018-0624", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d3600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7BECFDEE-A795-43F1-9651-13096141B3BE", versionEndExcluding: "1.0.0.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d3600:-:*:*:*:*:*:*:*", matchCriteriaId: "31DE9D4E-3CDC-4552-A63F-DD5D95E23F63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "358AD63C-C3D0-4749-BA4D-AA22815EA5E1", versionEndExcluding: "1.0.078", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6F6EA344-FF99-4F27-9860-3C5BE07345A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A779DDFF-420F-4853-A7D8-F8E5A2A98D12", versionEndExcluding: "1.1.00.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6200:-:*:*:*:*:*:*:*", matchCriteriaId: "00E6A1B7-4732-4259-9B71-10FF0B56A16B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D127F467-E2D0-462C-B9E1-458CFFFAC062", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7000:-:*:*:*:*:*:*:*", matchCriteriaId: "AF04B65B-9685-4595-9C71-0F77AD7109BE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B27650A-B7FE-41E4-8231-9283CC7B8349", versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CD898239-AEDF-4CA5-A5AE-946584971C8F", versionEndExcluding: "1.0.1.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2FB7AC1F-9DCC-47F5-8CDC-FA4786EEF9EA", versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", matchCriteriaId: "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13A66A85-1F7D-4A1D-B2B6-D0E1318CC2A1", versionEndExcluding: "1.0.1.76", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5828F04B-E373-4E4F-942D-08CCA038418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "464F3374-0B87-4920-A383-737C4F8F66BF", versionEndExcluding: "1.0.1.74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2141AE0A-18CB-4142-A850-B2153DAEE5A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F42BDEFE-DBA2-4705-B7F6-86B5D5858F4C", versionEndExcluding: "1.0.2.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", matchCriteriaId: "1289BBB4-1955-46A4-B5FE-BF11153C24F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "308411F8-8FDD-4544-A4D8-FEC2F16597DC", versionEndExcluding: "1.0.2.140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", matchCriteriaId: "F285D60D-A5DA-4467-8F79-15EF8135D007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EBCC111C-7F79-4F20-B007-279EAA197D4D", versionEndExcluding: "1.0.1.186", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*", matchCriteriaId: "8D9781C9-799A-4BDA-A027-987627A01633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:jr6150_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC9C60BB-2E7F-4D35-9348-8D8AEFAAD75F", versionEndExcluding: "1.0.1.18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:jr6150:-:*:*:*:*:*:*:*", matchCriteriaId: "D67167E5-81D2-4892-AF41-CBB6271232D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:pr2000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "50E2E26A-200E-4D00-9657-034EACE3944F", versionEndExcluding: "1.0.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:pr2000:-:*:*:*:*:*:*:*", matchCriteriaId: "2451CC0C-71B2-474D-93F0-2B2ACD802FE3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "27FC1738-5A2C-4D4B-944C-1EB1A8D2476E", versionEndExcluding: "1.0.0.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6020:-:*:*:*:*:*:*:*", matchCriteriaId: "5DDA7ABF-4C4B-4945-993A-F93BD8FCB55E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6050_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EDB0CD0A-A68D-4EF5-A938-6A15604C9107", versionEndExcluding: "1.0.1.18", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6050:-:*:*:*:*:*:*:*", matchCriteriaId: "363D4DEE-98B9-4294-B241-1613CAD1A3A7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "442B71BC-D2D4-4F0F-8962-B50D5E8D2833", versionEndExcluding: "1.0.0.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6080:-:*:*:*:*:*:*:*", matchCriteriaId: "1CEB5C49-53CF-44AE-9A7D-E7E6201BFE62", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "92F53D21-C688-4477-815D-EFFF08F7D085", versionEndExcluding: "1.0.0.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6120:-:*:*:*:*:*:*:*", matchCriteriaId: "D18D2CCD-424F-41D5-919B-E22B9FA68D36", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6220_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "220EBC67-69DA-43D6-8B09-EBEEEF29679D", versionEndExcluding: "1.1.0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6220:-:*:*:*:*:*:*:*", matchCriteriaId: "B131B5C8-CB7F-433B-BA32-F05CE0E92A66", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6230_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9466A450-0351-4B2D-B816-6A1B6F4F34B9", versionEndExcluding: "1.1.0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6230:-:*:*:*:*:*:*:*", matchCriteriaId: "C91CADFA-59DB-4B6C-A914-848884F4A4BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF20BDF1-ADE3-4C82-8E11-C720DA0BCD26", versionEndExcluding: "1.1.0.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*", matchCriteriaId: "3C395D49-57F9-4BC1-8619-57127355B86B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F9079C37-0E23-40F5-BDD8-F4757773D670", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*", matchCriteriaId: "C9793286-86D2-43BF-B9B8-823C05BCAE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3C39CE79-6433-47E2-A439-9AB1DFBD843C", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*", matchCriteriaId: "09404083-B00B-4C1F-8085-BC242E625CA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2B21EF2E-C6A8-4EA2-9247-0DD2FD8C84F0", versionEndExcluding: "1.2.0.36", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*", matchCriteriaId: "A9FC6398-60A5-4003-A294-C96AE6DBCED5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B9F6D3F1-4064-4CAD-85D4-E1B2E72B440C", versionEndExcluding: "1.0.3.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6915C426-7EEB-43AA-A56A-A1DABF6DF9E7", versionEndExcluding: "1.0.2.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F1F914AD-70DC-47F5-A2F7-672DBE89C62E", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "448D7EA1-A7BB-4AA5-8260-1D533D6A99AC", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1525B9D0-B147-437D-ACAE-58819A1F4FC6", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4515F985-B714-480C-8FBA-2499A29F29FA", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CC5263E-71E4-4B63-AD77-D1E72DC704B0", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D130E198-E9F5-4250-9C52-E39DF5C96711", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08426AC6-4811-43E8-87EB-204A2729C49B", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA9F2B44-4114-495A-B200-B703FDFC3F8F", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A25B8627-D325-493B-8B7D-4F900334F0D8", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81ED6C61-2A7C-49EC-BD3D-466442EF715C", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn2000rptv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9E06335E-EF1B-46F7-9F6A-4B749BA4D609", versionEndExcluding: "1.0.1.34", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn2000rptv3:-:*:*:*:*:*:*:*", matchCriteriaId: "BF128F22-9103-4878-A270-7FC5C97E4F13", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E1947AF4-32F6-41E7-9040-E1FF5FFB3164", versionEndExcluding: "1.0.2.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", matchCriteriaId: "958243A2-6829-464F-80EA-7DD5B6F0DD7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3100rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "09A22719-8CA4-452A-80E7-3A8CC50E7DD8", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3100rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "8E243DEF-0496-4752-B5B6-69F13E3D2C95", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D1EF946-5FEF-4DD7-8567-CB435FAA41E2", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", matchCriteriaId: "671EC923-DC84-47D6-B943-0F7DA8168334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E0141851-BE96-4F6A-883F-3B20AE6945C1", versionEndExcluding: "1.1.0.62", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2020:-:*:*:*:*:*:*:*", matchCriteriaId: "C2189628-03E7-445A-9EF2-656A85539115", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:2.3.2.32:*:*:*:*:*:*:*", matchCriteriaId: "DC0F3168-675B-4B0B-A48B-3748A8F7E4E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:2.3.2.32:*:*:*:*:*:*:*", matchCriteriaId: "D6FF327C-98A6-4A6A-A439-1D9C08FCD27D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.76, D6000 versiones anteriores a 1.0.0.78, D6200 versiones anteriores a 1.1.00.32, D7000 versiones anteriores a 1.0.1.68, D7800 versiones anteriores a 1.0.1.56, DM200 versiones anteriores a 1.0.0.61, EX2700 versiones anteriores a 1.0.1.52, EX6100v2 versiones anteriores a 1.0.1.76, EX6150v2 versiones anteriores a 1.0.1.76, EX6200v2 versiones anteriores a 1.0.1.74, EX6400 versiones anteriores a 1.0.2.140, EX7300 versiones anteriores a 1.0.2.140, EX8000 versiones anteriores a 1.0.1.186, JR6150 versiones anteriores a 1.0.1.18, PR2000 versiones anteriores a 1.0.0.28, R6020 versiones anteriores a 1.0.0.38, R6050 versiones anteriores a 1.0.1.18, R6080 versiones anteriores a 1.0.0.38, R6120 versiones anteriores a 1.0.0.46, R6220 versiones anteriores a 1.1.0.80, R6230 versiones anteriores a 1.1.0.80, R6260 versiones anteriores a 1.1.0.40, R6700v2 versiones anteriores a 1.2.0.36, R6800 versiones anteriores a 1.2.0.36, R6900v2 versiones anteriores a 1.2. 0.36, R7500v2 versiones anteriores a 1.0.3.40, R7800 versiones anteriores a 1.0.2.62, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12, RBK20 versiones anteriores a 2.3.0.28, RBR20 versiones anteriores a 2.3.0.28, RBS20 versiones anteriores a 2.3.0.28, RBK40 versiones anteriores a 2.3.0.28, RBR40 versiones anteriores a 2.3.0.28, RBS40 versiones anteriores a 2.3.0.28, RBK50 versiones anteriores a 2.3.0.32, RBR50 versiones anteriores a 2.3.0.32, RBS50 versiones anteriores a 2.3.0.32, WN2000RPTv3 versiones anteriores a 1.0.1.34, WN3000RPv2 versiones anteriores a 1.0.0.78, WN3000RPv2 versiones anteriores a 1.0.0.78, WN3000RPv3 versiones anteriores a 1.0.2.78, WN3100RPv2 versiones anteriores a 1.0.0.66, WNR2000v5 versiones anteriores a 1.0.0.70, WNR2020 versiones anteriores a 1.1.0.62, XR450 versiones anteriores a 2.3.2.32, y XR500 versiones anteriores a 2.3.2.32.", }, ], id: "CVE-2020-35799", lastModified: "2024-11-21T05:28:08.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.347", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062709/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-Range-Extenders-and-WiFi-Systems-PSV-2018-0296", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
netgear | d7800_firmware | * | |
netgear | d7800 | - | |
netgear | r7800_firmware | * | |
netgear | r7800 | - | |
netgear | rax120_firmware | * | |
netgear | rax120 | - | |
netgear | rbk22_firmware | * | |
netgear | rbk22 | - | |
netgear | rbr20_firmware | * | |
netgear | rbr20 | - | |
netgear | rbs20_firmware | * | |
netgear | rbs20 | - | |
netgear | rbk40_firmware | * | |
netgear | rbk40 | - | |
netgear | rbr40_firmware | * | |
netgear | rbr40 | - | |
netgear | rbs40_firmware | * | |
netgear | rbs40 | - | |
netgear | rbk50_firmware | * | |
netgear | rbk50 | - | |
netgear | rbr50_firmware | * | |
netgear | rbr50 | - | |
netgear | rbs50_firmware | * | |
netgear | rbs50 | - | |
netgear | wn3000rpv2_firmware | * | |
netgear | wn3000rpv2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70E4DC5E-E34E-4AB1-BD50-F741142CB917", versionEndExcluding: "1.0.2.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF94E4E9-5F05-4727-BEEC-E6CAEF313864", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42FB0A25-01DC-4864-B1FC-A315CA787B18", versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk22:-:*:*:*:*:*:*:*", matchCriteriaId: "2E1BA765-5318-4A96-885D-3078148A74E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA36B519-BB43-4329-96A5-842C74E05F8A", versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2FC86AC-1164-45C8-8D9E-6B88EC02B254", versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89C8AC8A-A1C8-4DA3-AFCC-F6A2E7367C7B", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A040117E-5DF5-4D8F-B0ED-E0ED148A6640", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "624E85AD-3B34-413B-A271-1167CB551BD3", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7ED1541-DE7D-4A4C-B8D1-CB42E52E3DBE", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "094B04D5-9063-4D7A-B367-E1F2688B3667", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C489444C-6C19-4A52-AF66-A1D48ADC4F26", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a D7800 versiones anteriores a 1.0.1.56, R7800 versiones anteriores a 1.0.2.68, RAX120 versiones anteriores a 1.0.0.78, RBK22 versiones anteriores a 2.3.5.26, RBR20 versiones anteriores a 2.3.5.26, RBS20 versiones anteriores a 2.3.5.26, RBK40 versiones anteriores a 2.3.5.30, RBR40 versiones anteriores a 2.3.5.30, RBS40 versiones anteriores a 2.3.5.30, RBK50 versiones anteriores a 2.3.5.30, RBR50 versiones anteriores a 2.3.5.30, RBS50 versiones anteriores a 2.3.5.30 y WN3000RPv2 versiones anteriores a 1.0.0.78.", }, ], id: "CVE-2020-35807", lastModified: "2024-11-21T05:28:10.113", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.800", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062730/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0557", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
netgear | d7800_firmware | * | |
netgear | d7800 | - | |
netgear | ex2700_firmware | * | |
netgear | ex2700 | - | |
netgear | wn3000rpv2_firmware | * | |
netgear | wn3000rpv2 | - | |
netgear | wn3000rpv3_firmware | * | |
netgear | wn3000rpv3 | - | |
netgear | lbr1020_firmware | * | |
netgear | lbr1020 | - | |
netgear | lbr20_firmware | * | |
netgear | lbr20 | - | |
netgear | r6700ax_firmware | * | |
netgear | r6700ax | - | |
netgear | r7800_firmware | * | |
netgear | r7800 | - | |
netgear | r8900_firmware | * | |
netgear | r8900 | - | |
netgear | r9000_firmware | * | |
netgear | r9000 | - | |
netgear | rax10_firmware | * | |
netgear | rax10 | - | |
netgear | rax120v1_firmware | * | |
netgear | rax120v1 | - | |
netgear | rax120v2_firmware | * | |
netgear | rax120v2 | - | |
netgear | rax70_firmware | * | |
netgear | rax70 | - | |
netgear | rax78_firmware | * | |
netgear | rax78 | - | |
netgear | xr450_firmware | * | |
netgear | xr450 | - | |
netgear | xr500_firmware | * | |
netgear | xr500 | - | |
netgear | xr700_firmware | * | |
netgear | xr700 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EBB7728E-4535-4A67-9F8F-3CD4FE29C4A9", versionEndExcluding: "1.0.1.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "110B4669-7AA6-4444-BFEF-9F7DF5C40D0B", versionEndExcluding: "1.0.1.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A7305D0F-6995-411B-BDF6-106102C717AB", versionEndExcluding: "1.0.0.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "28C0758E-2793-4342-AEA0-DA7F49C4A38E", versionEndExcluding: "1.0.2.100", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", matchCriteriaId: "958243A2-6829-464F-80EA-7DD5B6F0DD7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05E6F6DD-5CC6-426B-92F5-34B9A8525810", versionEndExcluding: "2.6.5.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*", matchCriteriaId: "953F0743-4B34-4CE9-815E-D87253720CBE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8AAD88A5-E90E-4A96-BE01-DF14ADC44881", versionEndExcluding: "2.6.5.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "863E45EA-2DA0-4C9A-9B87-79E42B3FF97C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r6700ax_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C65624DD-9DDF-4167-89D9-8629587082A6", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*", matchCriteriaId: "F9B37178-0C67-4EF0-A9B8-5BB5B9DBFB8F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "76FAB8C7-79BA-4592-AF47-198D3EE48DCF", versionEndExcluding: "1.0.2.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "13593203-FB80-4BDA-96CC-AAE5C33E560A", versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4D90EEE2-4D7C-46ED-9DF4-C232F30D97ED", versionEndExcluding: "1.0.5.38", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FB930C5E-4232-4212-AFEB-A4D0904F2B22", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*", matchCriteriaId: "1742F1BB-3D78-4E5E-9479-6614A56B4700", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120v1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E370208B-8A35-4F76-8C79-BD5F1ABECA4D", versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120v1:-:*:*:*:*:*:*:*", matchCriteriaId: "774148F4-42EA-4F2A-98AB-1511DAB5774A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "91CED146-E9DC-4F73-A2CF-A6D78F29D0F7", versionEndExcluding: "1.2.3.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120v2:-:*:*:*:*:*:*:*", matchCriteriaId: "50D741E6-43F9-4BDC-B1A4-281AC73A7C19", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE615E08-904D-4DD5-835F-CE48B6D87650", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*", matchCriteriaId: "AE1314C3-4950-4F5A-9900-789710CE7F98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A4940E3E-2320-4B73-B5DB-DDB7BE410EF0", versionEndExcluding: "1.0.10.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*", matchCriteriaId: "EABDFEEF-228C-429E-9B80-B6A0CA7D5AA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EC1DFC6-B5A7-486B-BD50-BB79B3FF368A", versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E50B1D80-6C4A-488D-8CAC-638DFFE23E6F", versionEndExcluding: "2.3.2.130", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3539C94-0B31-48FC-A432-3DC3E4E0CBBC", versionEndExcluding: "1.0.1.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", matchCriteriaId: "E12892C8-5E01-49A6-BF47-09D630377093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.66, a EX2700 versiones anteriores a 1.0.1.68, al WN3000RPv2 versiones anteriores a 1.0.0.90, al WN3000RPv3 versiones anteriores a 1.0.2.100, a LBR1020 versiones anteriores a 2.6.5.20, a LBR20 versiones anteriores a 2.6.5.32, a R6700AX versiones anteriores a 1.0.10.110, a R7800 versiones anteriores a 1.0.2.86, a R8900 versiones anteriores a 1. 0.5.38, R9000 versiones anteriores a 1.0.5.38, RAX10 versiones anteriores a 1.0.10.110, RAX120v1 versiones anteriores a 1.2.3.28, RAX120v2 versiones anteriores a 1.2.3.28, RAX70 versiones anteriores a 1.0.10.110, RAX78 versiones anteriores a 1.0.10.110, XR450 versiones anteriores a 2.3.2.130, XR500 versiones anteriores a 2.3.2.130 y XR700 versiones anteriores a 1.0.1.46", }, ], id: "CVE-2021-45602", lastModified: "2024-11-21T06:32:38.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:17.803", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://immersivelabs.com/resources/blog/netgear-vulnerabilities-could-put-small-business-routers-at-risk/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064407/Security-Advisory-for-Post-Authentication-Command-Injection-Sensitive-Information-Disclosure-on-Multiple-Products-PSV-2021-0169-PSV-2021-0171", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
netgear | d7800_firmware | * | |
netgear | d7800 | - | |
netgear | r7500v2_firmware | * | |
netgear | r7500v2 | - | |
netgear | r7800_firmware | * | |
netgear | r7800 | - | |
netgear | rax120_firmware | * | |
netgear | rax120 | - | |
netgear | rbk22_firmware | * | |
netgear | rbk22 | - | |
netgear | rbr20_firmware | * | |
netgear | rbr20 | - | |
netgear | rbs20_firmware | * | |
netgear | rbs20 | - | |
netgear | rbk40_firmware | * | |
netgear | rbk40 | - | |
netgear | rbr40_firmware | * | |
netgear | rbr40 | - | |
netgear | rbs40_firmware | * | |
netgear | rbs40 | - | |
netgear | rbk50_firmware | * | |
netgear | rbk50 | - | |
netgear | rbr50_firmware | * | |
netgear | rbr50 | - | |
netgear | rbs50_firmware | * | |
netgear | rbs50 | - | |
netgear | wn3000rpv2_firmware | * | |
netgear | wn3000rpv2 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C35893A-C6C2-45C7-B3AF-BCFA62381BE5", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "801B6E47-327F-4C7F-B3BD-CC08F94B19AC", versionEndExcluding: "1.0.3.46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70E4DC5E-E34E-4AB1-BD50-F741142CB917", versionEndExcluding: "1.0.2.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF94E4E9-5F05-4727-BEEC-E6CAEF313864", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk22_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "42FB0A25-01DC-4864-B1FC-A315CA787B18", versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk22:-:*:*:*:*:*:*:*", matchCriteriaId: "2E1BA765-5318-4A96-885D-3078148A74E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EA36B519-BB43-4329-96A5-842C74E05F8A", versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B2FC86AC-1164-45C8-8D9E-6B88EC02B254", versionEndExcluding: "2.3.5.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "89C8AC8A-A1C8-4DA3-AFCC-F6A2E7367C7B", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A040117E-5DF5-4D8F-B0ED-E0ED148A6640", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", matchCriteriaId: "A9E20E59-2B1E-4E43-A494-2C20FD716D4F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "624E85AD-3B34-413B-A271-1167CB551BD3", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B7ED1541-DE7D-4A4C-B8D1-CB42E52E3DBE", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "094B04D5-9063-4D7A-B367-E1F2688B3667", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C489444C-6C19-4A52-AF66-A1D48ADC4F26", versionEndExcluding: "2.3.5.30", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, RAX120 before 1.0.0.78, RBK22 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and WN3000RPv2 before 1.0.0.78.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a D7800 versiones anteriores a 1.0.1.56, R7500v2 versiones anteriores a 1.0.3.46, R7800 versiones anteriores a 1.0.2.68, RAX120 versiones anteriores a 1.0.0.78, RBK22 versiones anteriores a 2.3.5.26, RBR20 versiones anteriores a 2.3.5.26, RBS20 versiones anteriores a 2.3.5.26, RBK40 versiones anteriores a 2.3.5.30, RBR40 versiones anteriores a 2.3.5.30, RBS40 versiones anteriores a 2.3.5.30, RBK50 versiones anteriores a 2.3.5.30, RBR50 versiones anteriores a 2.3.5.30, RBS50 versiones anteriores a 2.3.5.30 y WN3000RPv2 versiones anteriores a 1.0.0.78.", }, ], id: "CVE-2020-35806", lastModified: "2024-11-21T05:28:09.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.737", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062729/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Orbi-WiFi-Systems-PSV-2018-0539", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
netgear | d6100_firmware | * | |
netgear | d6100 | - | |
netgear | r7800_firmware | * | |
netgear | r7800 | - | |
netgear | r8900_firmware | * | |
netgear | r8900 | - | |
netgear | r9000_firmware | * | |
netgear | r9000 | - | |
netgear | rbk20_firmware | * | |
netgear | rbk20 | - | |
netgear | rbr20_firmware | * | |
netgear | rbr20 | - | |
netgear | rbs20_firmware | * | |
netgear | rbs20 | - | |
netgear | rbk50_firmware | * | |
netgear | rbk50 | - | |
netgear | rbr50_firmware | * | |
netgear | rbr50 | - | |
netgear | rbs50_firmware | * | |
netgear | rbs50 | - | |
netgear | rbk40_firmware | * | |
netgear | rbk40 | - | |
netgear | rbs40_firmware | * | |
netgear | rbs40 | - | |
netgear | srk60_firmware | * | |
netgear | srk60 | - | |
netgear | srr60_firmware | * | |
netgear | srr60 | - | |
netgear | srs60_firmware | * | |
netgear | srs60 | - | |
netgear | wn3000rpv2_firmware | * | |
netgear | wn3000rpv2 | - | |
netgear | wndr4300v2_firmware | * | |
netgear | wndr4300v2 | - | |
netgear | wndr4500v3_firmware | * | |
netgear | wndr4500v3 | - | |
netgear | wnr2000v5_firmware | * | |
netgear | wnr2000v5 | - | |
netgear | xr450_firmware | * | |
netgear | xr450 | - | |
netgear | xr500_firmware | * | |
netgear | xr500 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DE5478F-11CE-4730-AC60-64ACE7BBB03A", versionEndExcluding: "1.0.0.63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*", matchCriteriaId: "7EFD1E86-F100-4E46-935D-903EB6FEFE9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "52E997BC-B5C7-4FBA-9535-6A0BA398F8C3", versionEndExcluding: "1.0.2.60", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BEF7967B-5FA3-4D43-BEC5-2644FBB1D168", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D34DD834-FE59-4F04-9448-FDC385CF70F6", versionEndExcluding: "1.0.4.26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "448D7EA1-A7BB-4AA5-8260-1D533D6A99AC", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1525B9D0-B147-437D-ACAE-58819A1F4FC6", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4515F985-B714-480C-8FBA-2499A29F29FA", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BA9F2B44-4114-495A-B200-B703FDFC3F8F", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A25B8627-D325-493B-8B7D-4F900334F0D8", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81ED6C61-2A7C-49EC-BD3D-466442EF715C", versionEndExcluding: "2.3.0.32", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1CC5263E-71E4-4B63-AD77-D1E72DC704B0", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "08426AC6-4811-43E8-87EB-204A2729C49B", versionEndExcluding: "2.3.0.28", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", matchCriteriaId: "6FDCDE39-0355-43B9-BF57-F3718DA2988D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:srk60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F844694F-AAC1-466E-AB59-E27FFA315C18", versionEndExcluding: "2.2.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:srk60:-:*:*:*:*:*:*:*", matchCriteriaId: "DCC347EB-699E-4626-A944-2D378101DDCF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:srr60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4E5130E8-336A-4352-9E71-2FD2519A2F15", versionEndExcluding: "2.2.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:srr60:-:*:*:*:*:*:*:*", matchCriteriaId: "55E6F589-04DA-431C-9E03-BA2A59BB0E4A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:srs60_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D81891A8-FD3C-4F35-BA0E-3F9522292B66", versionEndExcluding: "2.2.2.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:srs60:-:*:*:*:*:*:*:*", matchCriteriaId: "BFB01247-A20F-41CA-8718-E8E60E7F14B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr4300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE79DB12-F18E-49DE-A1F2-BF3BDD5E44E4", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr4300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "512AD9E6-F154-483D-AA18-3302CEBB5B79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wndr4500v3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B8DCB117-4B58-4CBC-9E25-F98BB6C2B2BC", versionEndExcluding: "1.0.0.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wndr4500v3:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA7C60F-8806-476C-A833-44E2BE66265B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D1EF946-5FEF-4DD7-8567-CB435FAA41E2", versionEndExcluding: "1.0.0.70", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", matchCriteriaId: "671EC923-DC84-47D6-B943-0F7DA8168334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1DF16407-DB09-4174-A435-F7AF209E4260", versionEndExcluding: "2.3.2.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*", matchCriteriaId: "66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8752321F-E9BF-427B-88FD-B67014FB2FD5", versionEndExcluding: "2.3.2.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before 1.0.0.78, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.70, XR450 before 2.3.2.40, and XR500 before 2.3.2.40.", }, { lang: "es", value: "Determinados dispositivos NETGEAR, están afectados por un desbordamiento del búfer en la región stack de la memoria por parte de un usuario autenticado. Esto afecta a D6100 versiones anteriores a 1.0.0.63, R7800 versiones anteriores a 1.0.2.60, R8900 versiones anteriores a 1.0.4.26, R9000 versiones anteriores a 1.0.4.26, RBK20 versiones anteriores a 2.3.0.28, RBR20 versiones anteriores a 2.3.0.28, RBS20 versiones anteriores a 2.3.0.28, RBK50 versiones anteriores a 2.3.0.32, RBR50 versiones anteriores a 2.3.0.32, RBS50 versiones anteriores a 2.3.0.32, RBK40 versiones anteriores a 2.3.0.28, RBR40 versiones anteriores a 2.3.0.28, RBS40 versiones anteriores a 2.3.0.28, SRK60 versiones anteriores a 2.2.2.20, SRR60 versiones anteriores a 2.2.2.20, SRS60 versiones anteriores a 2.2.2.20, WN3000RPv2 versiones anteriores a 1.0.0.78, WNDR4300v2 versiones anteriores a 1.0.0.58, WNDR4500v3 versiones anteriores a 1.0.0.58, WNR2000v5 versiones anteriores a 1.0.0.70, XR450 versiones anteriores a 2.3.2.40 y XR500 versiones anteriores a 2.3.2.40", }, ], id: "CVE-2020-26913", lastModified: "2024-11-21T05:20:28.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 5.2, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 5.1, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-09T07:15:17.043", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062340/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-WiFi-Systems-PSV-2018-0140", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vendor | Product | Version | |
---|---|---|---|
netgear | d6100_firmware | * | |
netgear | d6100 | - | |
netgear | dm200_firmware | * | |
netgear | dm200 | - | |
netgear | r7800_firmware | * | |
netgear | r7800 | - | |
netgear | r8900_firmware | * | |
netgear | r8900 | - | |
netgear | r9000_firmware | * | |
netgear | r9000 | - | |
netgear | wn3000rpv2_firmware | * | |
netgear | wn3000rpv2 | - | |
netgear | wnr2000v5_firmware | * | |
netgear | wnr2000v5 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d6100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8DE5478F-11CE-4730-AC60-64ACE7BBB03A", versionEndExcluding: "1.0.0.63", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d6100:-:*:*:*:*:*:*:*", matchCriteriaId: "7EFD1E86-F100-4E46-935D-903EB6FEFE9D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6B27650A-B7FE-41E4-8231-9283CC7B8349", versionEndExcluding: "1.0.0.61", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "2C2195F1-18F6-4397-9D28-7A92003B7A76", versionEndExcluding: "1.0.2.52", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E5AC056A-DF92-4CA7-9919-2C9BDAE3C32D", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F1F914AD-70DC-47F5-A2F7-672DBE89C62E", versionEndExcluding: "1.0.4.12", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0F20A1B5-DBD0-445F-AB0D-30212439FFD4", versionEndExcluding: "1.0.0.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D275B1AC-7E46-4892-9ACB-DEB53543E0B5", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", matchCriteriaId: "671EC923-DC84-47D6-B943-0F7DA8168334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a D6100 versiones anteriores a 1.0.0.63, DM200 versiones anteriores a 1.0.0.61, R7800 versiones anteriores a 1.0.2.52, R8900 versiones anteriores a 1.0.4.12, R9000 versiones anteriores a 1.0.4.12, WN3000RPv2 versiones anteriores a 1.0.0.68 y WNR2000v5 versiones anteriores a 1.0.0.66.", }, ], id: "CVE-2020-35808", lastModified: "2024-11-21T05:28:10.323", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-30T00:15:14.863", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.netgear.com/000062708/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-Range-Extenders-PSV-2018-0158", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ACEAC1F2-EEAE-4880-B6C0-FFAAA29685F1", versionEndExcluding: "1.0.1.58", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", matchCriteriaId: "DA2D4987-3726-4A72-8D32-592F59FAC46D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CFD91F26-5253-4A05-AB69-94CB2C416F83", versionEndExcluding: "1.0.0.66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", matchCriteriaId: "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB07B26-FD18-4023-A143-E890076FF68A", versionEndExcluding: "1.0.1.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", matchCriteriaId: "5341B659-DE7D-43F1-954D-82049CBE18AD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5AC48A9A-9B6B-4E46-A022-958939EB2827", versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5828F04B-E373-4E4F-942D-08CCA038418C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6C634416-8822-46D9-B6CA-DE71F4E2BFF1", versionEndExcluding: "1.0.1.86", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*", matchCriteriaId: "4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "35673ECF-BC73-4B7D-9BFD-8A66A55C750A", versionEndExcluding: "1.0.1.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2141AE0A-18CB-4142-A850-B2153DAEE5A8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7A3F4095-4746-4689-8190-13F2734493CC", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", matchCriteriaId: "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95F639EF-A599-4CC7-BDB1-5AF74560ADEB", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", matchCriteriaId: "C63267D8-4632-4D14-B39C-BEEC62AD8F87", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A1C892CF-A183-45F0-AFEA-1448D93118AE", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", matchCriteriaId: "0B2C00E1-4A23-4304-B92F-B7D9F4818D90", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "04F2925C-EF25-4162-8A3C-729191AC59D3", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", matchCriteriaId: "5882095F-B22A-4937-BA08-6640140F10AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BC45DE2E-BC27-4710-A237-1EFB4CD06299", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", matchCriteriaId: "F285D60D-A5DA-4467-8F79-15EF8135D007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7C515A99-8AC2-404F-BD64-9043C72EC4EC", versionEndExcluding: "1.0.2.144", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", matchCriteriaId: "1289BBB4-1955-46A4-B5FE-BF11153C24F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "568044B5-D287-4355-A375-E260F853AA03", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", matchCriteriaId: "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A59D262F-1A53-4769-91B4-495217600D76", versionEndExcluding: "1.0.0.110", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", matchCriteriaId: "0A88D2A3-3B22-4639-94E9-69CE80F37392", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C745B393-CC8D-4F88-A6EB-2788E1A4BAF9", versionEndExcluding: "1.0.3.48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", matchCriteriaId: "2BCA6487-57EC-4630-884F-820BBFE25843", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70E4DC5E-E34E-4AB1-BD50-F741142CB917", versionEndExcluding: "1.0.2.68", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", matchCriteriaId: "17CF7445-6950-45FE-9D1A-E23F63316329", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "73ADA144-1E36-4F69-8C2D-2DD000F93361", versionEndExcluding: "1.0.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", matchCriteriaId: "0F859165-8D89-4CDD-9D48-9C7923D2261F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3A5762A-D32D-459B-B6CE-C54F8704BDEF", versionEndExcluding: "1.0.5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", matchCriteriaId: "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CC0EC10D-5D3C-4C1F-83ED-24409A2F0F0E", versionEndExcluding: "1.0.1.90", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", matchCriteriaId: "1742BD56-84E4-40E1-8C04-098B3715161E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3DB57ABF-8ABA-47E0-974D-AF8DF696A968", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", matchCriteriaId: "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AE5AB36A-A020-4604-AB9B-55F114172D8D", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", matchCriteriaId: "E6C9F31C-3E12-4787-9C9B-14883D9D152A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "31604191-2A95-440D-B58B-84066805D623", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", matchCriteriaId: "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "87234D9C-235C-49CB-B88C-C2B84007387B", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", matchCriteriaId: "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "70C4C62E-6B4C-4987-A6CA-07903E37EC34", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*", matchCriteriaId: "8BA66D07-D017-49D6-8E72-5C48E940DE1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D5C3D18C-1CA3-4082-8F81-03BCE08F88B0", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*", matchCriteriaId: "B2CAEA32-6934-4743-9E6B-22D52AC5E7F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA2BB79-FBC6-45FB-B617-7EFCEE57DB73", versionEndExcluding: "2.5.1.16", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*", matchCriteriaId: "3BCFD959-D522-4FA0-AD01-2937DAEE1EDF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E9E75105-CB35-4983-8CC0-98699AAA63BE", versionEndExcluding: "2.6.1.40", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*", matchCriteriaId: "27F93A76-6EFF-4DA6-9129-4792E2C125D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA82BFA7-9B98-408C-BE81-E8D7532780A2", versionEndExcluding: "1.0.0.78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", matchCriteriaId: "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "29D544D2-5FF5-4C86-94A9-5562B277ABDC", versionEndExcluding: "1.0.2.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", matchCriteriaId: "958243A2-6829-464F-80EA-7DD5B6F0DD7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "37A3A395-4878-4026-8308-E83DFD66A781", versionEndExcluding: "1.0.0.72", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*", matchCriteriaId: "671EC923-DC84-47D6-B943-0F7DA8168334", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AA9B22EF-5791-41DB-8CC1-A1B60CF4A73F", versionEndExcluding: "2.3.2.56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", matchCriteriaId: "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5EAA7899-50E0-40CD-9CB9-877C48E4ED46", versionEndExcluding: "1.0.1.20", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*", matchCriteriaId: "E12892C8-5E01-49A6-BF47-09D630377093", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86, EX6200v2 before 1.0.1.78, EX6250 before 1.0.0.110, EX6410 before 1.0.0.110, EX6420 before 1.0.0.110, EX6400v2 before 1.0.0.110, EX7300 before 1.0.2.144, EX6400 before 1.0.2.144, EX7320 before 1.0.0.110, EX7300v2 before 1.0.0.110, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.90, RBK40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, RBS50Y before 2.6.1.40, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.72, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.", }, { lang: "es", value: "Determinados dispositivos NETGEAR están afectados por la inyección en el lado del servidor. Esto afecta al D7800 antes de 1.0.1.58, DM200 antes de 1.0.0.66, EX2700 antes de 1.0.1.56, EX6150v2 antes de 1.0.1.86, EX6100v2 antes de 1.0.1.86, EX6200v2 antes de 1.0.1.78, EX6250 antes de 1.0.0.110, EX6410 antes de 1.0.0.110, EX7300 antes de 1.0.0.110. 0.0.110, EX6420 antes de 1.0.0.110, EX6400v2 antes de 1.0.0.110, EX7300 antes de 1.0.2.144, EX6400 antes de 1.0.2.144, EX7320 antes de 1.0.0.110, EX7300v2 antes de 1.0.0.110, R7500v2 antes de 1.0.3.48, R7800 antes de 1. 0.2.68, R8900 antes de 1.0.5.2, R9000 antes de 1.0.5.2, RAX120 antes de 1.0.1.90, RBK40 antes de 2.5.1.16, RBK20 antes de 2.5.1.16, RBR20 antes de 2.5.1.16, RBS20 antes de 2.5.1.16, RBK50 antes de 2.5.1. 16, RBR50 antes de 2.5.1.16, RBS50 antes de 2.5.1.16, RBS50Y antes de 2.6.1.40, WN3000RPv2 antes de 1.0.0.78, WN3000RPv3 antes de 1.0.2.80, WNR2000v5 antes de 1.0.0.72, XR500 antes de 2.3.2.56 y XR700 antes de 1.0.1.20.", }, ], id: "CVE-2021-45658", lastModified: "2024-11-21T06:32:48.427", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-26T01:15:20.467", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kb.netgear.com/000064062/Security-Advisory-for-Server-Side-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0125", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }