Link | Resource |
---|---|
https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-263/ | Third Party Advisory VDB Entry |
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
Configuration 22 (hide)
AND |
|
Configuration 23 (hide)
AND |
|
Configuration 24 (hide)
AND |
|
Configuration 25 (hide)
AND |
|
Configuration 26 (hide)
AND |
|
Configuration 27 (hide)
AND |
|
Configuration 28 (hide)
AND |
|
Configuration 29 (hide)
AND |
|
Configuration 30 (hide)
AND |
|
Configuration 31 (hide)
AND |
|
Configuration 32 (hide)
AND |
|
Configuration 33 (hide)
AND |
|
Configuration 34 (hide)
AND |
|
Configuration 35 (hide)
AND |
|
Configuration 36 (hide)
AND |
|
Configuration 37 (hide)
AND |
|
Configuration 38 (hide)
AND |
|
Configuration 39 (hide)
AND |
|
Configuration 40 (hide)
AND |
|
Configuration 41 (hide)
AND |
|
Configuration 42 (hide)
AND |
|
Configuration 43 (hide)
AND |
|
16 Mar 2021, 19:31
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 8.3
v3 : 8.8 |
CPE | cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:* |
|
References | (N/A) https://www.zerodayinitiative.com/advisories/ZDI-21-263/ - Third Party Advisory, VDB Entry | |
References | (N/A) https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders - Patch, Vendor Advisory |
05 Mar 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. |
05 Mar 2021, 20:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Published : 2021-03-05 20:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-27255
Mitre link : CVE-2021-27255
CVE.ORG link : CVE-2021-27255
JSON object : View
netgear
- rbk12_firmware
- xr450
- rbr10
- rbs40_firmware
- rbs50y_firmware
- rbk40
- rbk43_firmware
- ex8000_firmware
- d7800_firmware
- rbk23
- rbk20
- rbk44
- br500
- rbr50
- rbk23_firmware
- rbs10_firmware
- rbk15_firmware
- ex6400
- ex6400v2_firmware
- ex6400_firmware
- rbk15
- rbk50
- ex7700_firmware
- rbs20
- ex6250_firmware
- ex6100v2_firmware
- lbr20
- xr500
- ex6410
- rbk43
- xr700_firmware
- r8900_firmware
- ex6100v2
- rbr20_firmware
- rbk44_firmware
- rbs50_firmware
- rbk14
- br500_firmware
- ex7320
- rbs20_firmware
- rbk50_firmware
- lbr20_firmware
- ex6250
- ex8000
- rbr40
- rbs40
- rbr10_firmware
- rbk12
- ex6420_firmware
- rbk53
- ex6400v2
- ex6420
- r9000_firmware
- r8900
- rbr50_firmware
- rbr40_firmware
- rbr20
- rbk43s
- xr700
- ex7300_firmware
- r7800_firmware
- rbk43s_firmware
- rbk53_firmware
- r7800
- ex6150v2
- rbk40_firmware
- rbs10
- ex7320_firmware
- ex6150v2_firmware
- rbk14_firmware
- r9000
- rbs50y
- rbk20_firmware
- ex6410_firmware
- xr500_firmware
- ex7300v2_firmware
- ex7300v2
- xr450_firmware
- ex7300
- d7800
- rbk13_firmware
- rbk13
- br200_firmware
- br200
- rbs50
- ex7700
Missing Authentication for Critical Function