CVE-2021-45511

Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000 before 2021-08-27, R6220 before 2021-08-27, R6230 before 2021-08-27, R6260 before 2021-08-27, R6330 before 2021-08-27, R6350 before 2021-08-27, R6700v2 before 2021-08-27, R6800 before 2021-08-27, R6850 before 2021-08-27, R6900v2 before 2021-08-27, R7200 before 2021-08-27, R7350 before 2021-08-27, R7400 before 2021-08-27, and R7450 before 2021-08-27.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 MEDIUM
ADJACENT_NETWORK
LOW
HIGH
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
6.8 MEDIUM
ADJACENT_NETWORK
LOW
HIGH
CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:H/S:U/UI:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
netgearac2100_firmware
𝑥
< 1.2.0.88
netgearac2400_firmware
𝑥
< 1.2.0.88
netgearac2600_firmware
𝑥
< 1.2.0.88
netgeard7000_firmware
𝑥
< 1.0.1.80
netgearr6220_firmware
𝑥
< 1.1.0.110
netgearr6230_firmware
𝑥
< 1.1.0.110
netgearr6260_firmware
𝑥
< 1.1.0.84
netgearr6330_firmware
𝑥
< 1.1.0.84
netgearr6350_firmware
𝑥
< 1.1.0.84
netgearr6700v2_firmware
𝑥
< 1.2.0.88
netgearr6800_firmware
𝑥
< 1.2.0.88
netgearr6850_firmware
𝑥
< 1.1.0.84
netgearr6900v2_firmware
𝑥
< 1.2.0.88
netgearr7200_firmware
𝑥
< 1.2.0.88
netgearr7350_firmware
𝑥
< 1.2.0.88
netgearr7400_firmware
𝑥
< 1.2.0.88
netgearr7450_firmware
𝑥
< 1.2.0.88
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000063961/Security-Advisory-for-Authentication-Bypass-Vulnerability-on-the-D7000-and-Some-Routers-PSV-2021-0133
https://kb.netgear.com/000063961/Security-Advisory-for-Authentication-Bypass-Vulnerability-on-the-D7000-and-Some-Routers-PSV-2021-0133