CVE-2021-41314

Published Sep 16, 2021
Last updated 2 years ago
CVSS high 8.8
Overview

Description: Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or overwrite) a file with specific content (e.g., the "2" string). This leads to admin session crafting and therefore gaining full web UI admin privileges by an unauthenticated attacker. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS750E before 1.0.1.10, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 8.3
Impact score: 10
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-74
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gc108p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E9E3ADD8-926C-46CD-ABDF-0F7C99879808"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gc108p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A1CC9E5-8253-4924-8282-9E768661680E",
            "versionEndExcluding": "1.0.8.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gc108pp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D79979EF-D425-4199-BC73-36FB97EA9976"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gc108pp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B8389CE-DA82-49C9-A431-7B2FE7C8950E",
            "versionEndExcluding": "1.0.8.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs108tv3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8EE9EB1F-D49E-499A-B39B-7F15A1E5DAEC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs108t_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2C585B5-2EDE-41DD-A1DB-3F3B5DCB1C83",
            "versionEndExcluding": "7.0.7.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs110tpp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E095D139-28EE-4ADD-8FCD-3C2322AC3668"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs110tpp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAAA5112-5735-4889-9F6C-4217D2CE58FC",
            "versionEndExcluding": "7.0.7.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs110tp:v3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F2DA3649-BC53-496E-A78C-FFA471872B5A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs110tp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5F5E8A3-6FB6-45B0-819A-95F88B6486DD",
            "versionEndExcluding": "7.0.7.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs110tup:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1A469DFA-DE46-444C-B007-F9932C61EE26"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs110tup_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B241F5FC-3053-44ED-ABDE-F7E4C1F26E2D",
            "versionEndExcluding": "1.0.5.3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs308t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C204CFAA-0709-421A-A907-8F5B093063F4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs308t_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5EF9D41-5E0D-4BBC-BD8C-40422B29D241",
            "versionEndExcluding": "1.0.3.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs310tp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6761CCD9-9D27-465F-8707-F23707A84803"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs310tp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A18B9E4-16A6-443B-A504-784FA821B404",
            "versionEndExcluding": "1.0.3.2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs710tup_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17CEF560-AF2A-48AD-B8A4-666BD2ECBDCE",
            "versionEndExcluding": "1.0.5.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs710tup:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D6F019BC-8BBB-40F4-A05C-172DCAC705C7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs716tp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E57F0167-9C61-44FB-A7BB-70F0A9247DB8",
            "versionEndExcluding": "1.0.4.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs716tp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9D88DD2-CE3F-431C-8FC8-01CBFB5AFED1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs716tpp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "421B0F3A-9A03-42B0-8B45-E77DFE176A6F",
            "versionEndExcluding": "1.0.4.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs716tpp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6DB3B313-1667-401C-92CF-EBB03CF91010"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs724tpp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "339698F2-2727-469D-82E4-8E025FCBB106",
            "versionEndExcluding": "2.0.6.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs724tpp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6EB10210-B401-4944-832A-D31AEA8B3952"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs724tp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7710FD29-3D79-4260-875D-48BBC8B173BE",
            "versionEndExcluding": "2.0.6.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs724tp:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E871CCB4-8093-44AE-B289-CF81F82A9DB8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs728tpp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51DB59CF-E8E6-4EE9-9E08-A50ED97250F5",
            "versionEndExcluding": "2.0.6.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs728tpp:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FC4DE9FB-CAD5-45F9-A11C-1C20EE2FF3A1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs728tp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2C8E748-482C-4CF6-ACE0-21ABB3799CD4",
            "versionEndExcluding": "2.0.6.3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs728tp:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7126D4F8-2E3C-478B-9BD2-8055DFB48D8D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs750e_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDFC5B41-EBAC-42C9-B12E-AAACC199F324",
            "versionEndExcluding": "1.0.1.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs750e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A56285CF-1BD8-4BB5-AC9C-9EDDFCFC9E5C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs752tpp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00504A9F-EBE8-4D88-98C6-52CC260EC944",
            "versionEndExcluding": "6.0.8.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs752tpp:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "995D8E9F-7AE6-4A17-A728-7190FB2CE8BC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:gs752tp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13F7E762-95AB-4E8F-865C-C29A6B41DC4F",
            "versionEndExcluding": "6.0.8.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:gs752tp:v2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CDD4D404-9A22-408B-89CF-5107B809CB90"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ms510txm_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D620D42-9365-4A5E-957C-ADB9EAD56D8C",
            "versionEndExcluding": "1.0.4.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ms510txm:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5CF12A57-ACFA-48AA-B41C-06EB7095C800"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ms510txup_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD52B5A4-0CF4-4E80-BD9B-05C1DFB855D2",
            "versionEndExcluding": "1.0.4.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ms510txup:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D3A918F0-36BB-4EDE-98B8-00C3DC8F7BB5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
