CVE-2022-27645
29.03.2023, 19:15
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762.Enginsight
| Vendor | Product | Version |
|---|---|---|
| netgear | lax20_firmware | 𝑥 < 1.1.6.34 |
| netgear | r6400_firmware | 𝑥 < 1.0.4.126 |
| netgear | r6700_firmware | 𝑥 < 1.0.4.126 |
| netgear | r7000_firmware | 𝑥 < 1.0.11.134 |
| netgear | r7850_firmware | 𝑥 < 1.0.5.84 |
| netgear | r7900p_firmware | 𝑥 < 1.4.3.88 |
| netgear | r7960p_firmware | 𝑥 < 1.4.3.88 |
| netgear | r8000_firmware | 𝑥 < 1.0.4.84 |
| netgear | r8000p_firmware | 𝑥 < 1.4.3.88 |
| netgear | r8500_firmware | 𝑥 < 1.0.2.158 |
| netgear | rax15_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax20_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax200_firmware | 𝑥 < 1.0.6.138 |
| netgear | rax35_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax38_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax40_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax42_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax43_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax45_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax48_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax50_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax50s_firmware | 𝑥 < 1.0.10.110 |
| netgear | rax75_firmware | 𝑥 < 1.0.6.138 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-306 - Missing Authentication for Critical FunctionThe product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
- CWE-697 - Incorrect ComparisonThe software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
References