CVE-2021-27255

Published: Mar 5, 2021Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360.

Affected (43)

Products: Netgear: Br200 Firmware, Br500 Firmware, D7800 Firmware, Ex6100v2 Firmware, Ex6150v2 Firmware, Ex6250 Firmware, Ex6400 Firmware, Ex6400v2 Firmware, Ex6410 Firmware, Ex6420 Firmware, Ex7300 Firmware, Ex7300v2 Firmware, Ex7320 Firmware, Ex7700 Firmware, Ex8000 Firmware, Lbr20 Firmware, R7800 Firmware, R8900 Firmware, R9000 Firmware, Rbk12 Firmware, Rbk13 Firmware, Rbk14 Firmware, Rbk15 Firmware, Rbk20 Firmware, Rbk23 Firmware, Rbk40 Firmware, Rbk43 Firmware, Rbk43s Firmware, Rbk44 Firmware, Rbk50 Firmware, Rbk53 Firmware, Rbr10 Firmware, Rbr20 Firmware, Rbr40 Firmware, Rbr50 Firmware, Rbs10 Firmware, Rbs20 Firmware, Rbs40 Firmware, Rbs50 Firmware, Rbs50y Firmware, Xr450 Firmware, Xr500 Firmware, Xr700 Firmware

43 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Br200 Firmware	Before 5.10.0.5

Running on/with	Platform Versions
Netgear Br200	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Br500 Firmware	Before 5.10.0.5

Running on/with	Platform Versions
Netgear Br500	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear D7800 Firmware	Before 1.0.1.60

Running on/with	Platform Versions
Netgear D7800	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6100v2 Firmware	Before 1.0.1.98

Running on/with	Platform Versions
Netgear Ex6100v2	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6150v2 Firmware	Before 1.0.1.98

Running on/with	Platform Versions
Netgear Ex6150v2	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6250 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6250	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6400 Firmware	Before 1.0.2.158

Running on/with	Platform Versions
Netgear Ex6400	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6400v2 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6400v2	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6410 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6410	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex6420 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex6420	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7300 Firmware	Before 1.0.2.158

Running on/with	Platform Versions
Netgear Ex7300	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7300v2 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex7300v2	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7320 Firmware	Before 1.0.0.134

Running on/with	Platform Versions
Netgear Ex7320	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex7700 Firmware	Before 1.0.0.216

Running on/with	Platform Versions
Netgear Ex7700	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ex8000 Firmware	Before 1.0.1.232

Running on/with	Platform Versions
Netgear Ex8000	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Lbr20 Firmware	Before 2.6.3.50

Running on/with	Platform Versions
Netgear Lbr20	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R7800 Firmware	Before 1.0.2.80

Running on/with	Platform Versions
Netgear R7800	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R8900 Firmware	Before 1.0.5.28

Running on/with	Platform Versions
Netgear R8900	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear R9000 Firmware	Before 1.0.5.28

Running on/with	Platform Versions
Netgear R9000	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk12 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk12	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk13 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk13	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk14 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk14	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk15 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk15	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk20 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk20	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk23 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk23	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk40 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk40	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk43 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk43	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk43s Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk43s	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk44 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbk44	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk50 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk50	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbk53 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbk53	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr10 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbr10	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr20 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbr20	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr40 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbr40	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbr50 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbr50	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs10 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs10	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs20 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs20	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs40 Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs40	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs50 Firmware	Before 2.7.2.104

Running on/with	Platform Versions
Netgear Rbs50	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Rbs50y Firmware	Before 2.6.2.104

Running on/with	Platform Versions
Netgear Rbs50y	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr450 Firmware	Before 2.3.2.114

Running on/with	Platform Versions
Netgear Xr450	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr500 Firmware	Before 2.3.2.114

Running on/with	Platform Versions
Netgear Xr500	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Xr700 Firmware	Before 1.0.1.38

Running on/with	Platform Versions
Netgear Xr700	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (4)

https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders

Source: zdi-disclosures@trendmicro.com

PatchVendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-263/

Source: zdi-disclosures@trendmicro.com

Third Party AdvisoryVDB Entry

https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-263/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.