cve-2021-27256
Vulnerability from cvelistv5
Published
2021-03-05 20:00
Modified
2024-08-03 20:48
Severity ?
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.
References
zdi-disclosures@trendmicro.comhttps://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-ExtendersPatch, Vendor Advisory
zdi-disclosures@trendmicro.comhttps://www.zerodayinitiative.com/advisories/ZDI-21-262/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-ExtendersPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-21-262/Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.076Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "R7800",
          "vendor": "NETGEAR",
          "versions": [
            {
              "status": "affected",
              "version": "firmware version 1.0.2.76"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "takeshi"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-05T20:00:25",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "zdi-disclosures@trendmicro.com",
          "ID": "CVE-2021-27256",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "R7800",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "firmware version 1.0.2.76"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NETGEAR"
              }
            ]
          }
        },
        "credit": "takeshi",
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355."
            }
          ]
        },
        "impact": {
          "cvss": {
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
              "refsource": "MISC",
              "url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-262/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2021-27256",
    "datePublished": "2021-03-05T20:00:25",
    "dateReserved": "2021-02-16T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.076Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.10.0.5\", \"matchCriteriaId\": \"9680E98E-021B-4C71-AAA0-AEF49C6AD95F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CED01605-09B9-417E-AE6F-1F62888A0C93\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.10.0.5\", \"matchCriteriaId\": \"89EDAF30-2238-495C-920F-F32CC17C046B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"261C0D85-C951-4F0C-B9C4-0E42B15834EE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1.60\", \"matchCriteriaId\": \"6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA2D4987-3726-4A72-8D32-592F59FAC46D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1.98\", \"matchCriteriaId\": \"53C5C134-0778-4098-B8B4-F9589516C297\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1.98\", \"matchCriteriaId\": \"597D1ED8-FE6A-4325-83AB-5CA544CFA1AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5828F04B-E373-4E4F-942D-08CCA038418C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.134\", \"matchCriteriaId\": \"F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.2.158\", \"matchCriteriaId\": \"9A60E332-CA18-4617-B7C1-4BE82470DE34\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1289BBB4-1955-46A4-B5FE-BF11153C24F5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.134\", \"matchCriteriaId\": \"208CF907-B3ED-4A7D-BA5B-16A00F44683D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5882095F-B22A-4937-BA08-6640140F10AE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.134\", \"matchCriteriaId\": \"74ED019D-C07A-44BE-BD3E-30885C748DDA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C63267D8-4632-4D14-B39C-BEEC62AD8F87\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.134\", \"matchCriteriaId\": \"34EB68F4-B710-47C9-A01B-A6361B185A19\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B2C00E1-4A23-4304-B92F-B7D9F4818D90\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.2.158\", \"matchCriteriaId\": \"374F6EAA-A607-4A8F-BA86-EA770BA99189\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F285D60D-A5DA-4467-8F79-15EF8135D007\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.134\", \"matchCriteriaId\": \"E02DD6E2-3A3E-4857-9761-1B40FFA4E755\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A88D2A3-3B22-4639-94E9-69CE80F37392\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.134\", \"matchCriteriaId\": \"E53DAB63-389B-4B73-8F75-231320DC71C8\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.0.216\", \"matchCriteriaId\": \"D8DC1B77-994C-473C-AC97-7CC06341C607\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1.232\", \"matchCriteriaId\": \"B4F00B47-FFC8-4D45-B49E-8347504A9A4C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D9781C9-799A-4BDA-A027-987627A01633\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.3.50\", \"matchCriteriaId\": \"37C80013-2E0F-459F-BE08-18D60B109AC0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"863E45EA-2DA0-4C9A-9B87-79E42B3FF97C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.2.80\", \"matchCriteriaId\": \"3A43D307-64B1-46BF-8237-75518D1703CC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17CF7445-6950-45FE-9D1A-E23F63316329\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.5.28\", \"matchCriteriaId\": \"01F57C27-EB5A-4F3E-ADF7-684DF8860DA2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F859165-8D89-4CDD-9D48-9C7923D2261F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.5.28\", \"matchCriteriaId\": \"8F67B805-17B5-4053-8399-0AFB2EF6E1D4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"2135FFEC-0437-43C6-B146-3EF43E1B007B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5465A78-4826-4F72-9CBE-528CBF286A79\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"5A413E57-A780-486E-AF85-EE460C99D696\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"783EEEE0-BB9A-4C54-82B2-046B1033091C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"E19C965E-FA8D-4B42-BCB1-23788621DF45\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B801EC38-5B86-49F2-AB81-63F0F07A9BBE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"DAA4BD93-AE89-4506-936F-26C605685193\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6C9F31C-3E12-4787-9C9B-14883D9D152A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"33146BAB-5A18-4A1F-BDD8-3BB33200CDB2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17D7D346-6F52-4473-A4EA-6059C177BF0F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"85AD5F45-F940-4FB5-B4D4-E44D816A3449\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"564B0FDF-7159-42EA-9CAA-BEF791274915\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC2B9C48-9FE6-462B-88EE-046F15E66430\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"998C6A17-5ADC-47F1-AF63-9B425143C086\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5604E66-E9CC-4B78-AF6A-2341B30E3594\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"252643DB-46F7-41E9-96E0-0669DD486E5F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1924FC8B-4031-4EA3-B214-AF6F77D94654\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"1FBFA62B-2EBC-426A-98DC-235879902E72\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA66D07-D017-49D6-8E72-5C48E940DE1B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"66034CFD-1303-4B90-AF70-18B7EDBEFE32\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF03B2BB-34BB-4A0D-81CD-1841E524F885\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"237758B3-C096-465F-95C4-EB3F9835D91F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DADAA79-9A5C-4B6F-A58D-704ACD1C3334\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"217B0E6E-BCC9-4D12-ADD4-E2C65323018B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE5DBD66-9C2A-4EFF-87AB-03E791D584B5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"C8E13FC6-D0BF-4674-8A3B-FF5D81B15059\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9E20E59-2B1E-4E43-A494-2C20FD716D4F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"82504AE8-4D6F-4A49-A611-FBFB303CD237\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2CAEA32-6934-4743-9E6B-22D52AC5E7F8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"41B066B3-37CD-4839-909B-A8EC636E5F11\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32BAB5C0-F645-4A90-833F-6345335FA1AF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"9CED8944-D61A-4FDA-A9DB-76CBED16F338\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FDCDE39-0355-43B9-BF57-F3718DA2988D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.7.2.104\", \"matchCriteriaId\": \"0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BCFD959-D522-4FA0-AD01-2937DAEE1EDF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.2.104\", \"matchCriteriaId\": \"56489CFF-D34F-4C66-B69B-FB2CE4333D75\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27F93A76-6EFF-4DA6-9129-4792E2C125D4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.3.2.114\", \"matchCriteriaId\": \"FF01111F-8A37-4366-A63E-210E6CE0DB0E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.3.2.114\", \"matchCriteriaId\": \"4476F0C6-0A7D-4735-940C-F5C75316EEE9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1.38\", \"matchCriteriaId\": \"1D92A0CE-769D-402F-8FD7-BDD8DF247CFD\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E12892C8-5E01-49A6-BF47-09D630377093\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.\"}, {\"lang\": \"es\", \"value\": \"Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\\u00f3digo arbitrario en instalaciones afectadas de NETGEAR R7800 versi\\u00f3n de firmware 1.0.2.76.\u0026#xa0;Aunque es requerida una autenticaci\\u00f3n para explotar esta vulnerabilidad, el mecanismo de autentificaci\\u00f3n existente puede ser omitido.\u0026#xa0;El fallo espec\\u00edfico se presenta dentro del manejo del par\\u00e1metro rc_service proporcionado para el archivo apply_save.cgi.\u0026#xa0;El problema resulta de la falta de comprobaci\\u00f3n apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12355\"}]",
      "id": "CVE-2021-27256",
      "lastModified": "2024-11-21T05:57:42.160",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"zdi-disclosures@trendmicro.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 8.3, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 6.5, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-03-05T20:15:12.550",
      "references": "[{\"url\": \"https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders\", \"source\": \"zdi-disclosures@trendmicro.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-21-262/\", \"source\": \"zdi-disclosures@trendmicro.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-21-262/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "zdi-disclosures@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"zdi-disclosures@trendmicro.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-27256\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2021-03-05T20:15:12.550\",\"lastModified\":\"2024-11-21T05:57:42.160\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.\"},{\"lang\":\"es\",\"value\":\"Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en instalaciones afectadas de NETGEAR R7800 versi\u00f3n de firmware 1.0.2.76.\u0026#xa0;Aunque es requerida una autenticaci\u00f3n para explotar esta vulnerabilidad, el mecanismo de autentificaci\u00f3n existente puede ser omitido.\u0026#xa0;El fallo espec\u00edfico se presenta dentro del manejo del par\u00e1metro rc_service proporcionado para el archivo apply_save.cgi.\u0026#xa0;El problema resulta de la falta de comprobaci\u00f3n apropiada de una cadena suministrada por el usuario antes de usarla para ejecutar una llamada al sistema.\u0026#xa0;Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root.\u0026#xa0;Era ZDI-CAN-12355\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":8.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":6.5,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.0.5\",\"matchCriteriaId\":\"9680E98E-021B-4C71-AAA0-AEF49C6AD95F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CED01605-09B9-417E-AE6F-1F62888A0C93\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.0.5\",\"matchCriteriaId\":\"89EDAF30-2238-495C-920F-F32CC17C046B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"261C0D85-C951-4F0C-B9C4-0E42B15834EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.60\",\"matchCriteriaId\":\"6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA2D4987-3726-4A72-8D32-592F59FAC46D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.98\",\"matchCriteriaId\":\"53C5C134-0778-4098-B8B4-F9589516C297\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DCFF79A-8ACE-455B-90F3-FFC745E8BAD4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.98\",\"matchCriteriaId\":\"597D1ED8-FE6A-4325-83AB-5CA544CFA1AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5828F04B-E373-4E4F-942D-08CCA038418C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"F0F8C423-2E5C-4A50-AF7B-AC67C3771DD3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.158\",\"matchCriteriaId\":\"9A60E332-CA18-4617-B7C1-4BE82470DE34\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1289BBB4-1955-46A4-B5FE-BF11153C24F5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"208CF907-B3ED-4A7D-BA5B-16A00F44683D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5882095F-B22A-4937-BA08-6640140F10AE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"74ED019D-C07A-44BE-BD3E-30885C748DDA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C63267D8-4632-4D14-B39C-BEEC62AD8F87\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"34EB68F4-B710-47C9-A01B-A6361B185A19\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B2C00E1-4A23-4304-B92F-B7D9F4818D90\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.158\",\"matchCriteriaId\":\"374F6EAA-A607-4A8F-BA86-EA770BA99189\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F285D60D-A5DA-4467-8F79-15EF8135D007\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"E02DD6E2-3A3E-4857-9761-1B40FFA4E755\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A88D2A3-3B22-4639-94E9-69CE80F37392\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.134\",\"matchCriteriaId\":\"E53DAB63-389B-4B73-8F75-231320DC71C8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.0.216\",\"matchCriteriaId\":\"D8DC1B77-994C-473C-AC97-7CC06341C607\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D140E3B-9AE5-473A-82DE-9B9DBAE4C34A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.232\",\"matchCriteriaId\":\"B4F00B47-FFC8-4D45-B49E-8347504A9A4C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D9781C9-799A-4BDA-A027-987627A01633\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.3.50\",\"matchCriteriaId\":\"37C80013-2E0F-459F-BE08-18D60B109AC0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"863E45EA-2DA0-4C9A-9B87-79E42B3FF97C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.2.80\",\"matchCriteriaId\":\"3A43D307-64B1-46BF-8237-75518D1703CC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17CF7445-6950-45FE-9D1A-E23F63316329\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.28\",\"matchCriteriaId\":\"01F57C27-EB5A-4F3E-ADF7-684DF8860DA2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F859165-8D89-4CDD-9D48-9C7923D2261F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.5.28\",\"matchCriteriaId\":\"8F67B805-17B5-4053-8399-0AFB2EF6E1D4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"2135FFEC-0437-43C6-B146-3EF43E1B007B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5465A78-4826-4F72-9CBE-528CBF286A79\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"5A413E57-A780-486E-AF85-EE460C99D696\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"783EEEE0-BB9A-4C54-82B2-046B1033091C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"0E9B0ED1-3D84-44A6-BA37-E5F8D0EBCB10\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD91050-5FE0-4810-8E6F-EF9B9B2F02E9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"E19C965E-FA8D-4B42-BCB1-23788621DF45\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B801EC38-5B86-49F2-AB81-63F0F07A9BBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"DAA4BD93-AE89-4506-936F-26C605685193\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6C9F31C-3E12-4787-9C9B-14883D9D152A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"33146BAB-5A18-4A1F-BDD8-3BB33200CDB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D7D346-6F52-4473-A4EA-6059C177BF0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"85AD5F45-F940-4FB5-B4D4-E44D816A3449\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"564B0FDF-7159-42EA-9CAA-BEF791274915\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC2B9C48-9FE6-462B-88EE-046F15E66430\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"998C6A17-5ADC-47F1-AF63-9B425143C086\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5604E66-E9CC-4B78-AF6A-2341B30E3594\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"252643DB-46F7-41E9-96E0-0669DD486E5F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1924FC8B-4031-4EA3-B214-AF6F77D94654\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"1FBFA62B-2EBC-426A-98DC-235879902E72\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA66D07-D017-49D6-8E72-5C48E940DE1B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"66034CFD-1303-4B90-AF70-18B7EDBEFE32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF03B2BB-34BB-4A0D-81CD-1841E524F885\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"237758B3-C096-465F-95C4-EB3F9835D91F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DADAA79-9A5C-4B6F-A58D-704ACD1C3334\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"217B0E6E-BCC9-4D12-ADD4-E2C65323018B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE5DBD66-9C2A-4EFF-87AB-03E791D584B5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"C8E13FC6-D0BF-4674-8A3B-FF5D81B15059\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E20E59-2B1E-4E43-A494-2C20FD716D4F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"82504AE8-4D6F-4A49-A611-FBFB303CD237\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2CAEA32-6934-4743-9E6B-22D52AC5E7F8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"41B066B3-37CD-4839-909B-A8EC636E5F11\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32BAB5C0-F645-4A90-833F-6345335FA1AF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"9CED8944-D61A-4FDA-A9DB-76CBED16F338\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"BDAE8049-9102-4B4A-A2CF-B6A2F638B4E3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FDCDE39-0355-43B9-BF57-F3718DA2988D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2.104\",\"matchCriteriaId\":\"0484BCA5-6DD3-43B9-BB83-24B6BF99C4AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BCFD959-D522-4FA0-AD01-2937DAEE1EDF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2.104\",\"matchCriteriaId\":\"56489CFF-D34F-4C66-B69B-FB2CE4333D75\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F93A76-6EFF-4DA6-9129-4792E2C125D4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.2.114\",\"matchCriteriaId\":\"FF01111F-8A37-4366-A63E-210E6CE0DB0E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66B9CE4D-D1EC-4F55-8226-D159CF5F3AB6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.2.114\",\"matchCriteriaId\":\"4476F0C6-0A7D-4735-940C-F5C75316EEE9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1.38\",\"matchCriteriaId\":\"1D92A0CE-769D-402F-8FD7-BDD8DF247CFD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12892C8-5E01-49A6-BF47-09D630377093\"}]}]}],\"references\":[{\"url\":\"https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-262/\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-21-262/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.