CVE-2021-33514
Published May 21, 2021
Last updated 3 years ago
Overview
- Description
- Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. This affects GC108P before 1.0.7.3, GC108PP before 1.0.7.3, GS108Tv3 before 7.0.6.3, GS110TPPv1 before 7.0.6.3, GS110TPv3 before 7.0.6.3, GS110TUPv1 before 1.0.4.3, GS710TUPv1 before 1.0.4.3, GS716TP before 1.0.2.3, GS716TPP before 1.0.2.3, GS724TPPv1 before 2.0.4.3, GS724TPv2 before 2.0.4.3, GS728TPPv2 before 6.0.6.3, GS728TPv2 before 6.0.6.3, GS752TPPv1 before 6.0.6.3, GS752TPv2 before 6.0.6.3, MS510TXM before 1.0.2.3, and MS510TXUP before 1.0.2.3.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-78
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gc108p_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C620986-DC5A-41CC-A98B-889A17BC0ACF",
"versionEndExcluding": "1.0.7.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gc108p:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E9E3ADD8-926C-46CD-ABDF-0F7C99879808"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gc108pp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C3F71EB-072D-4B7E-9919-7E55536F6EEE",
"versionEndExcluding": "1.0.7.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gc108pp:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D79979EF-D425-4199-BC73-36FB97EA9976"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs108t_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A05E3C7-6428-4450-8583-489AD5D46527",
"versionEndExcluding": "7.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs108tv3:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8EE9EB1F-D49E-499A-B39B-7F15A1E5DAEC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tpp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C940AFA-F467-4DC1-8132-606579937978",
"versionEndExcluding": "7.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tpp:v1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0633037A-6C03-4006-BACE-E0892476489D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4635972F-C455-4A72-9586-D977590156CE",
"versionEndExcluding": "7.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tp:v3:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F2DA3649-BC53-496E-A78C-FFA471872B5A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs110tup_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0612883-028F-40CA-A0E8-E3C8450B2A80",
"versionEndExcluding": "1.0.4.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs110tup:v1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "99672C73-B9EA-4507-8803-9D87F59B9BF4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs710tup_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8133024D-0E3D-4E4E-94B3-AFD03E352592",
"versionEndExcluding": "1.0.4.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs710tup:v1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "53C87DD8-98AF-4D2E-8BD8-5F0DE771EB6B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs716tp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3DF66B6-AF7B-4504-808E-1F714E727702",
"versionEndExcluding": "1.0.2.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs716tp:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C9D88DD2-CE3F-431C-8FC8-01CBFB5AFED1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs716tpp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52F1C3E3-4B6B-4B28-A7E0-051E14276981",
"versionEndExcluding": "1.0.2.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs716tpp:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6DB3B313-1667-401C-92CF-EBB03CF91010"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs724tpp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC19F224-54AA-40D4-A105-3C5E673E30A8",
"versionEndExcluding": "2.0.4.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs724tpp:v1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "14D5A2DB-7837-4CB4-ADCD-E0890E893E1B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs724tp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2163D47-4512-43C4-B794-EB98AF1A032F",
"versionEndExcluding": "2.0.4.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs724tp:v2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E871CCB4-8093-44AE-B289-CF81F82A9DB8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728tpp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E20C106F-5C99-4CA1-BFB5-4AAAC15ACA42",
"versionEndExcluding": "6.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728tpp:v2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC4DE9FB-CAD5-45F9-A11C-1C20EE2FF3A1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs728tp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BE5E6E3-AF0C-44F6-AFC7-78BCFA8B2ABB",
"versionEndExcluding": "6.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs728tp:v2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7126D4F8-2E3C-478B-9BD2-8055DFB48D8D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752tpp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE86EBE-3C4C-45A2-BDF6-5F8929A88A2A",
"versionEndExcluding": "6.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752tpp:v1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9C23B837-890A-4888-B875-94046F846CC4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:gs752tp_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27B54BD6-EE51-472D-817F-16CA2DB1541C",
"versionEndExcluding": "6.0.6.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:gs752tp:v2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CDD4D404-9A22-408B-89CF-5107B809CB90"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ms510txm_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6F0C7DF-8542-4FB2-8081-9A1F77FD7DD0",
"versionEndExcluding": "1.0.2.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms510txm:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5CF12A57-ACFA-48AA-B41C-06EB7095C800"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:ms510txup_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AC99505-9E3B-4F33-8E97-2F98A817A23B",
"versionEndExcluding": "1.0.2.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:ms510txup:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D3A918F0-36BB-4EDE-98B8-00C3DC8F7BB5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]