CVE-2021-27257

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
zdiCNA
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
netgearbr200_firmware
𝑥
< 5.10.0.5
netgearbr500_firmware
𝑥
< 5.10.0.5
netgeard7800_firmware
𝑥
< 1.0.1.60
netgearex6100v2_firmware
𝑥
< 1.0.1.98
netgearex6150v2_firmware
𝑥
< 1.0.1.98
netgearex6250_firmware
𝑥
< 1.0.0.134
netgearex6400_firmware
𝑥
< 1.0.2.158
netgearex6400v2_firmware
𝑥
< 1.0.0.134
netgearex6410_firmware
𝑥
< 1.0.0.134
netgearex6420_firmware
𝑥
< 1.0.0.134
netgearex7300_firmware
𝑥
< 1.0.2.158
netgearex7300v2_firmware
𝑥
< 1.0.0.134
netgearex7320_firmware
𝑥
< 1.0.0.134
netgearex7700_firmware
𝑥
< 1.0.0.216
netgearex8000_firmware
𝑥
< 1.0.1.232
netgearlbr20_firmware
𝑥
< 2.6.3.50
netgearr7800_firmware
𝑥
< 1.0.2.80
netgearr8900_firmware
𝑥
< 1.0.5.28
netgearr9000_firmware
𝑥
< 1.0.5.28
netgearrbk12_firmware
𝑥
< 2.7.2.104
netgearrbk13_firmware
𝑥
< 2.7.2.104
netgearrbk14_firmware
𝑥
< 2.7.2.104
netgearrbk15_firmware
𝑥
< 2.7.2.104
netgearrbk20_firmware
𝑥
< 2.6.2.104
netgearrbk23_firmware
𝑥
< 2.7.2.104
netgearrbk40_firmware
𝑥
< 2.6.2.104
netgearrbk43_firmware
𝑥
< 2.6.2.104
netgearrbk43s_firmware
𝑥
< 2.6.2.104
netgearrbk44_firmware
𝑥
< 2.6.2.104
netgearrbk50_firmware
𝑥
< 2.7.2.104
netgearrbk53_firmware
𝑥
< 2.7.2.104
netgearrbr10_firmware
𝑥
< 2.6.2.104
netgearrbr20_firmware
𝑥
< 2.6.2.104
netgearrbr40_firmware
𝑥
< 2.6.2.104
netgearrbr50_firmware
𝑥
< 2.7.2.104
netgearrbs10_firmware
𝑥
< 2.6.2.104
netgearrbs20_firmware
𝑥
< 2.6.2.104
netgearrbs40_firmware
𝑥
< 2.6.2.104
netgearrbs50_firmware
𝑥
< 2.7.2.104
netgearrbs50y_firmware
𝑥
< 2.6.2.104
netgearxr450_firmware
𝑥
< 2.3.2.114
netgearxr500_firmware
𝑥
< 2.3.2.114
netgearxr700_firmware
𝑥
< 1.0.1.38
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders
https://www.zerodayinitiative.com/advisories/ZDI-21-264/
https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders
https://www.zerodayinitiative.com/advisories/ZDI-21-264/