CVE-2021-40866

Published: Sep 13, 2021Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS750E before 1.0.1.10, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.

Affected (20)

Products: Netgear: Gc108p Firmware, Gc108pp Firmware, Gs108t Firmware, Gs110tpp Firmware, Gs110tp Firmware, Gs110tup Firmware, Gs308t Firmware, Gs310tp Firmware, Gs710tup Firmware, Gs716tp Firmware, Gs716tpp Firmware, Gs724tpp Firmware, Gs724tp Firmware, Gs728tpp Firmware, Gs728tp Firmware, Gs750e Firmware, Gs752tpp Firmware, Gs752tp Firmware, Ms510txm Firmware, Ms510txup Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gc108p Firmware	Before 1.0.8.2

Running on/with	Platform Versions
Netgear Gc108p	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gc108pp Firmware	Before 1.0.8.2

Running on/with	Platform Versions
Netgear Gc108pp	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs108t Firmware	Before 7.0.7.2

Running on/with	Platform Versions
Netgear Gs108tv3	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs110tpp Firmware	Before 7.0.7.2

Running on/with	Platform Versions
Netgear Gs110tpp	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs110tp Firmware	Before 7.0.7.2

Running on/with	Platform Versions
Netgear Gs110tp	Version v3

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs110tup Firmware	Before 1.0.5.3

Running on/with	Platform Versions
Netgear Gs110tup	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs308t Firmware	Before 1.0.3.2

Running on/with	Platform Versions
Netgear Gs308t	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs310tp Firmware	Before 1.0.3.2

Running on/with	Platform Versions
Netgear Gs310tp	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs710tup Firmware	Before 1.0.5.3

Running on/with	Platform Versions
Netgear Gs710tup	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs716tp Firmware	Before 1.0.4.2

Running on/with	Platform Versions
Netgear Gs716tp	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs716tpp Firmware	Before 1.0.4.2

Running on/with	Platform Versions
Netgear Gs716tpp	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs724tpp Firmware	Before 2.0.6.3

Running on/with	Platform Versions
Netgear Gs724tpp	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs724tp Firmware	Before 2.0.6.3

Running on/with	Platform Versions
Netgear Gs724tp	Version v2

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs728tpp Firmware	Before 6.0.8.2

Running on/with	Platform Versions
Netgear Gs728tpp	Version v2

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs728tp Firmware	Before 6.0.8.2

Running on/with	Platform Versions
Netgear Gs728tp	Version v2

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs750e Firmware	Before 1.0.1.10

Running on/with	Platform Versions
Netgear Gs750e	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs752tpp Firmware	Before 6.0.8.2

Running on/with	Platform Versions
Netgear Gs752tpp	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Gs752tp Firmware	Before 6.0.8.2

Running on/with	Platform Versions
Netgear Gs752tp	Version v2

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ms510txm Firmware	Before 1.0.4.2

Running on/with	Platform Versions
Netgear Ms510txm	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netgear Ms510txup Firmware	Before 1.0.4.2

Running on/with	Platform Versions
Netgear Ms510txup	All versions

References (4)

https://gynvael.coldwind.pl/?id=740

Source: cve@mitre.org

ExploitThird Party Advisory

https://kb.netgear.com/000063978/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Smart-Switches-PSV-2021-0140-PSV-2021-0144-PSV-2021-0145

Source: cve@mitre.org

Vendor Advisory

https://gynvael.coldwind.pl/?id=740

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://kb.netgear.com/000063978/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Smart-Switches-PSV-2021-0140-PSV-2021-0144-PSV-2021-0145

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.