CVE-2021-45643

EUVD-2021-32409
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.2 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
mitreCNA
8.2 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AC:L/AV:A/A:N/C:H/I:L/PR:N/S:C/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
netgearr6400v2_firmware
𝑥
< 1.0.4.118
netgearr6700v3_firmware
𝑥
< 1.0.4.118
netgearxr1000_firmware
𝑥
< 1.0.0.58
𝑥
= Vulnerable software versions
References
https://kb.netgear.com/000064159/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2021-0035
https://kb.netgear.com/000064159/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2021-0035