CVE-2021-45526

Published Dec 26, 2021
Last updated 3 years ago
CVSS high 8.8
Overview

Description: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120 before 1.0.0.48, EX6130 before 1.0.0.30, R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R7000 before 1.0.11.126, R7900 before 1.0.4.30, R8000 before 1.0.4.52, R7000P before 1.3.2.124, R8000P before 1.4.1.50, RAX80 before 1.0.3.88, R6900P before 1.3.2.124, R7900P before 1.4.1.50, and RAX75 before 1.0.3.88.
Source: cve@mitre.org
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-120
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8357471-53D2-4FCF-85CD-7D4297960841",
            "versionEndExcluding": "1.0.0.38"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C4313A2-5182-4F64-9643-AA21B1CBA5B5",
            "versionEndExcluding": "1.0.0.48"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27DD717D-FA39-403C-929E-09CB8998FC41",
            "versionEndExcluding": "1.0.0.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E00ABB7-A3E9-4E41-82CB-3AADC276C3AC",
            "versionEndExcluding": "1.0.4.52"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7909744D-FE9B-49D1-ADB3-029CCC432A47"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30668750-EAE9-4C89-A5DA-9DF28E8E1AE4",
            "versionEndExcluding": "1.0.1.52"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0E06EFF-9D71-43DB-A304-9A41998FD68A",
            "versionEndExcluding": "1.0.11.126"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6364559-B141-43AE-B40A-506B79BCC3AA",
            "versionEndExcluding": "1.0.4.30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D444B09-82DA-4225-A292-B28232408A7B",
            "versionEndExcluding": "1.0.4.52"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8",
            "versionEndExcluding": "1.4.1.50"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C6F506A-464D-4BDE-8F9B-D537D3C7E137",
            "versionEndExcluding": "1.3.2.124"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "037B3660-20DD-4164-81EC-E4D86C60BA45",
            "versionEndExcluding": "1.0.3.88"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1E37B9E-709E-41EE-AE43-B3164D68CF6B",
            "versionEndExcluding": "1.0.3.88"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61DE3850-1661-43D1-9E52-31E2E01979EE",
            "versionEndExcluding": "1.3.2.124"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299",
            "versionEndExcluding": "1.4.1.50"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
