CVE-2021-38524

Published Aug 11, 2021

Last updated 3 years ago

CVSS medium 4.9

Overview

Description: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.32, RAX50 before 1.0.2.32, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, and RBS750 before 3.2.16.6.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.9
Impact score: 3.6
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "525B767F-5A8A-4E6C-8585-BCBB05948B2D",
            "versionEndExcluding": "1.0.6.110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:mk62:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "69A79475-37BE-47BD-A629-DCEF22500B0B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F1EBAB4-F713-4AC5-AECC-9E9D61FF3576",
            "versionEndExcluding": "1.0.6.110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:mr60:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "65BB3ECD-2F0B-4625-A1DB-F6CEFC46E277"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E445DBA-2B45-410C-9288-1A4472452CE1",
            "versionEndExcluding": "1.0.6.110"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ms60:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F003F064-591C-4D7C-9EC4-D0E553BC6683"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax15_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED73C5EC-C8D3-4206-BCAA-0901F786DD98",
            "versionEndExcluding": "1.0.2.82"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax15:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B624B4D3-BCF4-4F95-B401-A88BEC3145A5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93EF1D39-E084-40E9-86CF-C590763841A0",
            "versionEndExcluding": "1.0.2.82"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7038703C-C79D-4DD4-8B16-E1A5FC6694C0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04513F08-329D-446F-A356-29074C1C0BEA",
            "versionEndExcluding": "1.0.3.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58EB0F2F-FB5C-47D9-9AE6-087AE517B3F9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax45_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05363CF1-17DA-4462-9C68-2790FE70D539",
            "versionEndExcluding": "1.0.2.32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax45:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4B08BD69-CDCC-4CEB-B887-4E47D2B45D26"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax50_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41D61A7C-BF7E-4A84-A08B-C9FF449AF952",
            "versionEndExcluding": "1.0.2.32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax50:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C430976E-24C0-4EA7-BF54-F9C188AB9C01"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0318AD0-52A7-490F-94C1-D07C97370D2C",
            "versionEndExcluding": "1.0.3.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34D7AF28-F117-4E31-AED8-A3179B1BE182",
            "versionEndExcluding": "1.0.3.106"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDD03FFF-ECAF-4527-A195-559DF479A0F2",
            "versionEndExcluding": "3.2.16.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A45832BD-114D-42F1-B9F1-7532496D30A6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05A46FA9-5DC8-4408-B4C2-AD5F1CABE7C1",
            "versionEndExcluding": "3.2.16.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C13F5C69-FA9B-472A-9036-0C2967BDCDE9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C144D71-6C10-44CD-BFF9-907A92F0432C",
            "versionEndExcluding": "3.2.16.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B529194C-C440-4BC3-850F-0613FC548F86"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References