Link | Resource |
---|---|
https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders | Patch Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-264/ | Third Party Advisory VDB Entry |
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
Configuration 22 (hide)
AND |
|
Configuration 23 (hide)
AND |
|
Configuration 24 (hide)
AND |
|
Configuration 25 (hide)
AND |
|
Configuration 26 (hide)
AND |
|
Configuration 27 (hide)
AND |
|
Configuration 28 (hide)
AND |
|
Configuration 29 (hide)
AND |
|
Configuration 30 (hide)
AND |
|
Configuration 31 (hide)
AND |
|
Configuration 32 (hide)
AND |
|
Configuration 33 (hide)
AND |
|
Configuration 34 (hide)
AND |
|
Configuration 35 (hide)
AND |
|
Configuration 36 (hide)
AND |
|
Configuration 37 (hide)
AND |
|
Configuration 38 (hide)
AND |
|
Configuration 39 (hide)
AND |
|
Configuration 40 (hide)
AND |
|
Configuration 41 (hide)
AND |
|
Configuration 42 (hide)
AND |
|
Configuration 43 (hide)
AND |
|
17 Mar 2021, 14:04
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 6.5 |
CPE | cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:* |
|
References | (N/A) https://www.zerodayinitiative.com/advisories/ZDI-21-264/ - Third Party Advisory, VDB Entry | |
References | (N/A) https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders - Patch, Vendor Advisory |
05 Mar 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. |
05 Mar 2021, 20:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Published : 2021-03-05 20:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-27257
Mitre link : CVE-2021-27257
CVE.ORG link : CVE-2021-27257
JSON object : View
netgear
- rbk15
- rbs50_firmware
- ex8000_firmware
- rbk12
- rbr40_firmware
- r7800_firmware
- ex7320
- ex7300
- rbs20
- rbr20_firmware
- xr700_firmware
- rbs40
- br200
- rbk43s
- rbr10_firmware
- rbs20_firmware
- rbk14
- rbk43s_firmware
- rbk43_firmware
- rbk20
- br500
- rbs10
- ex6410_firmware
- rbk43
- br200_firmware
- ex6420_firmware
- ex6150v2
- rbk40_firmware
- ex6400_firmware
- xr450
- rbk40
- xr450_firmware
- ex6250_firmware
- rbs10_firmware
- r9000_firmware
- rbk23
- ex6420
- ex7700_firmware
- rbk23_firmware
- rbs50y_firmware
- br500_firmware
- ex6400v2_firmware
- ex6400v2
- r7800
- ex6100v2
- ex7300v2
- ex8000
- xr500
- rbs50y
- lbr20_firmware
- rbk13_firmware
- ex7300_firmware
- rbk14_firmware
- ex6410
- rbk20_firmware
- rbk50_firmware
- rbr20
- rbs40_firmware
- rbr50
- d7800_firmware
- ex6100v2_firmware
- rbk53_firmware
- r8900_firmware
- rbk12_firmware
- rbk44
- ex6250
- lbr20
- rbk53
- xr500_firmware
- ex6150v2_firmware
- ex7700
- ex7300v2_firmware
- r9000
- rbk15_firmware
- ex6400
- rbk13
- d7800
- rbr10
- xr700
- rbs50
- rbk44_firmware
- rbr40
- r8900
- rbk50
- rbr50_firmware
- ex7320_firmware
Improper Certificate Validation