CVE-2021-45638
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before 1.0.11.116, R7100LG before 1.0.0.70, RBS40V before 2.6.2.8, RBW30 before 2.6.2.2, RS400 before 1.5.1.80, R7000P before 1.3.2.132, and R6900P before 1.3.2.132.
Affected (14)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6220 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.102 |
| Running on/with | Platform Versions |
|---|---|
Netgear D6400 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.74 |
| Running on/with | Platform Versions |
|---|---|
Netgear D7000v2 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.3.60 |
| Running on/with | Platform Versions |
|---|---|
Netgear D8500 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.56 |
| Running on/with | Platform Versions |
|---|---|
Netgear Dc112a | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.4.50 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6300v2 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.1.68 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6400 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.11.116 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.0.0.70 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7100lg | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.3.2.132 |
| Running on/with | Platform Versions |
|---|---|
Netgear R7000p | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2.8 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbs40v | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 2.6.2.2 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rbw30 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.5.1.80 |
| Running on/with | Platform Versions |
|---|---|
Netgear Rs400 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.3.2.132 |
| Running on/with | Platform Versions |
|---|---|
Netgear R6900p | All versions |
References (2)
Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.