CVE-2021-45618

26.12.2021, 01:15

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.64, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.134, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, LBR20 before 2.6.3.50, R7800 before 1.0.2.80, R8900 before 1.0.5.26, R9000 before 1.0.5.26, RAX120 before 1.2.0.16, RBS50Y before 1.0.0.56, WNR2000v5 before 1.0.0.76, XR450 before 2.3.2.114, XR500 before 2.3.2.114, XR700 before 1.0.1.36, EX6150v2 before 1.0.1.98, EX7300 before 1.0.2.158, EX7320 before 1.0.0.134, EX6100v2 before 1.0.1.98, EX6400 before 1.0.2.158, EX7300v2 before 1.0.0.134, EX6410 before 1.0.0.134, RBR10 before 2.6.1.44, RBR20 before 2.6.2.104, RBR40 before 2.6.2.104, RBR50 before 2.7.2.102, EX6420 before 1.0.0.134, RBS10 before 2.6.1.44, RBS20 before 2.6.2.104, RBS40 before 2.6.2.104, RBS50 before 2.7.2.102, EX6400v2 before 1.0.0.134, RBK12 before 2.6.1.44, RBK20 before 2.6.2.104, RBK40 before 2.6.2.104, and RBK50 before 2.7.2.102.

Command Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.6 CRITICAL	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitre	CNA	9.6 CRITICAL	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 80%

Vendor	Product	Version
netgear	d7800_firmware	𝑥 < 1.0.1.64
netgear	ex6200v2_firmware	𝑥 < 1.0.1.86
netgear	ex6250_firmware	𝑥 < 1.0.0.134
netgear	ex7700_firmware	𝑥 < 1.0.0.216
netgear	ex8000_firmware	𝑥 < 1.0.1.232
netgear	lbr20_firmware	𝑥 < 2.6.3.50
netgear	r7800_firmware	𝑥 < 1.0.2.80
netgear	r8900_firmware	𝑥 < 1.0.5.26
netgear	r9000_firmware	𝑥 < 1.0.5.26
netgear	rax120_firmware	𝑥 < 1.2.0.16
netgear	rbs50y_firmware	𝑥 < 1.0.0.56
netgear	wnr2000v5_firmware	𝑥 < 1.0.0.76
netgear	xr450_firmware	𝑥 < 2.3.2.114
netgear	xr500_firmware	𝑥 < 2.3.2.114
netgear	xr700_firmware	𝑥 < 1.0.1.36
netgear	ex6150v2_firmware	𝑥 < 1.0.1.98
netgear	ex7300_firmware	𝑥 < 1.0.2.158
netgear	ex7320_firmware	𝑥 < 1.0.0.134
netgear	ex6100v2_firmware	𝑥 < 1.0.1.98
netgear	ex6400_firmware	𝑥 < 1.0.2.158
netgear	ex7300v2_firmware	𝑥 < 1.0.0.134
netgear	ex6410_firmware	𝑥 < 1.0.0.134
netgear	rbr10_firmware	𝑥 < 2.6.1.44
netgear	rbr20_firmware	𝑥 < 2.6.2.104
netgear	rbr40_firmware	𝑥 < 2.6.2.104
netgear	rbr50_firmware	𝑥 < 2.7.2.102
netgear	ex6420_firmware	𝑥 < 1.0.0.134
netgear	rbs10_firmware	𝑥 < 2.6.1.44
netgear	rbs20_firmware	𝑥 < 2.6.2.104
netgear	rbs40_firmware	𝑥 < 2.6.2.104
netgear	rbs50_firmware	𝑥 < 2.7.2.102
netgear	ex6400v2_firmware	𝑥 < 1.0.0.134
netgear	rbk12_firmware	𝑥 < 2.6.1.44
netgear	rbk20_firmware	𝑥 < 2.6.2.104
netgear	rbk40_firmware	𝑥 < 2.6.2.104
netgear	rbk50_firmware	𝑥 < 2.7.2.102

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

References

https://kb.netgear.com/000064490/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0422