CVE-2021-45527
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
Affected (36)
Products: Netgear: Rbk752 Firmware, Rbr750 Firmware, Rbs750 Firmware, Rbk852 Firmware, Rbr850 Firmware, Rbs850 Firmware, D6220 Firmware, D6400 Firmware, D7000v2 Firmware, D8500 Firmware, Dc112a Firmware, Ex7000 Firmware, Ex7500 Firmware, R6250 Firmware, R6300v2 Firmware, R6400 Firmware, R6400v2 Firmware, R6700v3 Firmware, R7000 Firmware, R7100lg Firmware, R7850 Firmware, R7900 Firmware, R7960p Firmware, R8000 Firmware, Rax200 Firmware, Rax75 Firmware, Rax80 Firmware, Rbs40v Firmware, Xr300 Firmware, Rs400 Firmware, R7000p Firmware, R8000p Firmware, R8500 Firmware, R6900p Firmware, R7900p Firmware, R8300 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.17.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk752 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.17.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr750 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.17.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs750 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.17.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbk852 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.17.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbr850 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.2.17.12 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs850 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6220 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.102 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6400 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.66 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7000v2 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.58 |
| Running on/with | Platform Versions |
|---|---|
Netgear D8500 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.54 |
| Running on/with | Platform Versions |
|---|---|
Netgear Dc112a | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.94 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex7000 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.72 |
| Running on/with | Platform Versions |
|---|---|
Netgear Ex7500 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.48 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6250 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6300v2 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.70 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.102 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400v2 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.102 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6700v3 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.116 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.64 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7100lg | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.5.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7850 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.30 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7900 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.4.1.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7960p | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.52 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8000 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.88 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax200 | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.102 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax75 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.102 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rax80 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2.4 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs40v | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.56 |
| Running on/with | Platform Versions |
|---|---|
Netgear Xr300 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.5.1.80 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rs400 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.3.2.124 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000p | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.4.1.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8000p | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.144 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8500 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.3.2.124 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6900p | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.4.1.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7900p | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.2.144 |
| Running on/with | Platform Versions |
|---|---|
Netgear R8300 | All versions |
References (2)
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.