CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-45630

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0020%
EPSS Percentile22.46th
Published2021年12月26日
Last Modified2024年11月21日

Vulnerability Description

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.

Affected Platforms (CPE)

💻
Netgear

Cbr40 Firmware

< 2.5.0.24
💻
Netgear

Cbr750 Firmware

< 4.6.3.6
💻
Netgear

Rbk752 Firmware

< 3.2.17.12
💻
Netgear

Rbr750 Firmware

< 3.2.17.12
💻
Netgear

Rbs750 Firmware

< 3.2.17.12
💻
Netgear

Rbk852 Firmware

< 3.2.17.12
💻
Netgear

Rbr850 Firmware

< 3.2.17.12
💻
Netgear

Rbs850 Firmware

< 3.2.17.12

References & Advisories

🔗 https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498
🔗 https://kb.netgear.com/000064135/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0498

相關漏洞威脅

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...