CVE-2021-27251

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
zdiCNA
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
netgearbr200_firmware
𝑥
< 5.10.0.5
netgearbr500_firmware
𝑥
< 5.10.0.5
netgeard7800_firmware
𝑥
< 1.0.1.60
netgearex6100v2_firmware
𝑥
< 1.0.1.98
netgearex6150_firmware
𝑥
< 1.0.1.98
netgearex6250_firmware
𝑥
< 1.0.0.134
netgearex6400_firmware
𝑥
< 1.0.2.158
netgearex6400v2_firmware
𝑥
< 1.0.0.134
netgearex6410_firmware
𝑥
< 1.0.0.134
netgearex6420_firmware
𝑥
< 1.0.0.134
netgearex7300_firmware
𝑥
< 1.0.2.158
netgearex7300v2_firmware
𝑥
< 1.0.0.134
netgearex7320_firmware
𝑥
< 1.0.0.134
netgearex7700_firmware
𝑥
< 1.0.0.216
netgearex8000_firmware
𝑥
< 1.0.1.232
netgearlbr20_firmware
𝑥
< 2.6.3.50
netgearr7800_firmware
𝑥
< 1.0.2.80
netgearr8900_firmware
𝑥
< 1.0.5.28
netgearr9000_firmware
𝑥
< 1.0.5.28
netgearrbk12_firmware
𝑥
< 2.7.2.104
netgearrbk13_firmware
𝑥
< 2.7.2.104
netgearrbk14_firmware
𝑥
< 2.7.2.104
netgearrbk15_firmware
𝑥
< 2.7.2.104
netgearrbk20_firmware
𝑥
< 2.6.2.104
netgearrbk23_firmware
𝑥
< 2.7.2.104
netgearrbk40_firmware
𝑥
< 2.6.2.104
netgearrbk43_firmware
𝑥
< 2.6.2.104
netgearrbk43s_firmware
𝑥
< 2.6.2.104
netgearrbk44_firmware
𝑥
< 2.6.2.104
netgearrbk50_firmware
𝑥
< 2.7.2.104
netgearrbk53_firmware
𝑥
< 2.7.2.104
netgearrbr10_firmware
𝑥
< 2.6.2.104
netgearrbr20_firmware
𝑥
< 2.6.2.104
netgearrbr40_firmware
𝑥
< 2.6.2.104
netgearrbr50_firmware
𝑥
< 2.7.2.104
netgearrbs10_firmware
𝑥
< 2.6.2.104
netgearrbs20_firmware
𝑥
< 2.6.2.104
netgearrbs40_firmware
𝑥
< 2.6.2.104
netgearrbs50_firmware
𝑥
< 2.7.2.104
netgearrbs50y_firmware
𝑥
< 2.6.2.104
netgearxr450_firmware
𝑥
< 2.3.2.114
netgearxr500_firmware
𝑥
< 2.3.2.114
netgearxr700_firmware
𝑥
< 1.0.1.38
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders
https://www.zerodayinitiative.com/advisories/ZDI-21-247/
https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders
https://www.zerodayinitiative.com/advisories/ZDI-21-247/