CVE-2021-45642 Information

Jun 07, 2022 cve

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.64 EX6250 before 1.0.0.134 EX7700 before 1.0.0.222 LBR20 before 2.6.3.50 RBS50Y before 2.7.3.22 R8900 before 1.0.5.26 R9000 before 1.0.5.26 XR450 before 2.3.2.66 XR500 before 2.3.2.66 XR700 before 1.0.1.36 EX7320 before 1.0.0.134 RAX120 before 1.2.2.24 EX7300v2 before 1.0.0.134 RAX120v2 before 1.2.2.24 EX6410 before 1.0.0.134 RBR10 before 2.7.3.22 RBR20 before 2.7.3.22 RBR40 before 2.7.3.22 RBR50 before 2.7.3.22 EX6420 before 1.0.0.134 RBS10 before 2.7.3.22 RBS20 before 2.7.3.22 RBS40 before 2.7.3.22 RBS50 before 2.7.3.22 EX6400v2 before 1.0.0.134 RBK12 before 2.7.3.22 RBK20 before 2.7.3.22 RBK40 before 2.7.3.22 and RBK50 before 2.7.3.22.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

https://kb.netgear.com/000064491/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0427

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.2

Share on: