CVE-2021-32122

Published Aug 11, 2021

Last updated 3 years ago

CVSS high 8.0

Overview

Description: Certain NETGEAR devices are affected by CSRF. This affects EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, and EX6130 before 1.0.0.44.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8
Impact score: 5.9
Exploitability score: 2.1
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5.4
Impact score: 6.4
Exploitability score: 5.5
Vector string: AV:A/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-352

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20A423A5-04E9-4323-9818-6C9B78065103",
            "versionEndExcluding": "1.0.0.90"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDAA5899-B73C-4690-853E-B5400F034BE1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "850D0AE9-A57C-47D3-9D44-7EE24E6F594D",
            "versionEndExcluding": "1.0.0.90"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5488D9-651C-4BAB-A141-06B816690D42"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B9DB22D-0775-48CE-A97D-BA3B5873C9F8",
            "versionEndExcluding": "1.0.0.64"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F747A14B-5331-428E-8B53-724090554E07",
            "versionEndExcluding": "1.0.0.44"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References