CVE-2021-27252

Published: Apr 14, 2021Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216.

Affected (43)

Products: Netgear: Br200 Firmware, Br500 Firmware, D7800 Firmware, Ex6100v2 Firmware, Ex6150 Firmware, Ex6250 Firmware, Ex6400 Firmware, Ex6400v2 Firmware, Ex6410 Firmware, Ex6420 Firmware, Ex7300 Firmware, Ex7300v2 Firmware, Ex7320 Firmware, Ex7700 Firmware, Ex8000 Firmware, Lbr20 Firmware, R7800 Firmware, R8900 Firmware, R9000 Firmware, Rbk12 Firmware, Rbk13 Firmware, Rbk14 Firmware, Rbk15 Firmware, Rbk20 Firmware, Rbk23 Firmware, Rbk40 Firmware, Rbk43 Firmware, Rbk43s Firmware, Rbk44 Firmware, Rbk50 Firmware, Rbk53 Firmware, Rbr10 Firmware, Rbr20 Firmware, Rbr40 Firmware, Rbr50 Firmware, Rbs10 Firmware, Rbs20 Firmware, Rbs40 Firmware, Rbs50 Firmware, Rbs50y Firmware, Xr450 Firmware, Xr500 Firmware, Xr700 Firmware

43 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Br200 Firmware	Before 5.10.0.5

Running on/with	Platform Versions
Netgear Br200	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Br500 Firmware	Before 5.10.0.5

Running on/with	Platform Versions
Netgear Br500	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear D7800 Firmware	Before 1.0.1.60

Running on/with	Platform Versions
Netgear D7800	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6100v2 Firmware	Before 1.0.1.98

Running on/with	Platform Versions
Netgear Ex6100	Version v2

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6150 Firmware	Before 1.0.1.98

Running on/with	Platform Versions
Netgear Ex6150	Version v2

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6250 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6250	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6400 Firmware	Before 1.0.2.158

Running on/with	Platform Versions
Netgear Ex6400	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6400v2 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6400	Version v2

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6410 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6410	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6420 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6420	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7300 Firmware	Before 1.0.2.158

Running on/with	Platform Versions
Netgear Ex7300	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7300v2 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex7300	Version v2

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7320 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex7320	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7700 Firmware	Before 1.0.0.216

Running on/with	Platform Versions
Netgear Ex7700	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex8000 Firmware	Before 1.0.1.232

Running on/with	Platform Versions
Netgear Ex8000	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Lbr20 Firmware	Before 2.6.3.50

Running on/with	Platform Versions
Netgear Lbr20	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7800 Firmware	Before 1.0.2.80

Running on/with	Platform Versions
Netgear R7800	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R8900 Firmware	Before 1.0.5.28

Running on/with	Platform Versions
Netgear R8900	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R9000 Firmware	Before 1.0.5.28

Running on/with	Platform Versions
Netgear R9000	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk12 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk12	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk13 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk13	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk14 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk14	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk15 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk15	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk20 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk20	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk23 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk23	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk40 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk40	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk43 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk43	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk43s Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk43s	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk44 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk44	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk50 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk50	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk53 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk53	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr10 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbr10	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr20 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbr20	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr40 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbr40	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr50 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbr50	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs10 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs10	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs20 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs20	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs40 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs40	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs50 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbs50	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs50y Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs50y	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr450 Firmware	Before 2.3.2.114

Running on/with	Platform Versions
Netgear Xr450	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr500 Firmware	Before 2.3.2.114

Running on/with	Platform Versions
Netgear Xr500	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr700 Firmware	Before 1.0.1.38

Running on/with	Platform Versions
Netgear Xr700	All versions

Related CWEs

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (4)

https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders

Source: zdi-disclosures@trendmicro.com

PatchVendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-248/

Source: zdi-disclosures@trendmicro.com

Third Party AdvisoryVDB Entry

https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-248/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.