CVE-2021-45548

{"id": "CVE-2021-45548", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.5, "exploitabilityScore": 0.8}]}, "published": "2021-12-26T01:15:15.273", "references": [{"url": "https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22."}, {"lang": "es", "value": "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un usuario autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.60, DM200 versiones anteriores a 1.0.0.66, EX2700 versiones anteriores a 1.0.1.56, EX6150v2 versiones anteriores a 1.0.1.86, EX6200v2 versiones anteriores a 1.0.1.86, EX6250 versiones anteriores a 1.0.0.128, EX6400 versiones anteriores a 1.0. 2.144, EX6400v2 versiones anteriores a 1.0.0.128, EX6410 versiones anteriores a 1.0.0.128, EX6420 versiones anteriores a 1.0.0.128, EX7300 versiones anteriores a 1.0.2.144, EX7300v2 versiones anteriores a 1.0.0.128, EX7320 versiones anteriores a 1.0.0.128, R7500v2 versiones anteriores a 1. 0.3.46, R7800 versiones anteriores a 1.0.2.74, R8900 versiones anteriores a 1.0.5.26, R9000 versiones anteriores a 1.0.5.2, RAX120 versiones anteriores a 1.0.1.128, WN3000RPv2 versiones anteriores a 1.0.0.78, WN3000RPv3 versiones anteriores a 1.0.2.80, WNR2000v5 versiones anteriores a 1. 0.0.74, XR500 versiones anteriores a 2.3.2.66, RBK20 versiones anteriores a 2.7.3.22, RBR20 versiones anteriores a 2.7.3.22, RBS20 versiones anteriores a 2.7.3.22, RBK40 versiones anteriores a 2.7.3.22, RBR40 versiones anteriores a 2.7.3.22 y RBS40 versiones anteriores a 2.7.3.22"}], "lastModified": "2022-01-10T16:06:32.407", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CBD5FC4-2EF7-49A9-8F23-C9398441E7BD", "versionEndExcluding": "1.0.1.60"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA2D4987-3726-4A72-8D32-592F59FAC46D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:dm200_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFD91F26-5253-4A05-AB69-94CB2C416F83", "versionEndExcluding": "1.0.0.66"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:dm200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1B048F71-70F1-4D9F-84E2-9F7340F6ADAB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDB07B26-FD18-4023-A143-E890076FF68A", "versionEndExcluding": "1.0.1.56"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5341B659-DE7D-43F1-954D-82049CBE18AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AC48A9A-9B6B-4E46-A022-958939EB2827", "versionEndExcluding": "1.0.1.86"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5828F04B-E373-4E4F-942D-08CCA038418C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6200v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "033E6FD3-A903-438D-88B2-F6AF7B2ECBCE", "versionEndExcluding": "1.0.1.86"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6200v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2141AE0A-18CB-4142-A850-B2153DAEE5A8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB1C84E8-B947-4850-9D66-E306557DC316", "versionEndExcluding": "1.0.0.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B7694D0C-2CC6-4A6E-A251-5CBFC67D2AA9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C515A99-8AC2-404F-BD64-9043C72EC4EC", "versionEndExcluding": "1.0.2.144"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1289BBB4-1955-46A4-B5FE-BF11153C24F5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22C5E2C9-E8DA-478A-B3B1-2C0038B5D560", "versionEndExcluding": "1.0.0.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5882095F-B22A-4937-BA08-6640140F10AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DD3A7D2-75CE-4C67-AAE2-75F09653DFA7", "versionEndExcluding": "1.0.0.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C63267D8-4632-4D14-B39C-BEEC62AD8F87"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "270D7E5A-4680-4F01-ADBA-8A8B7368CBAA", "versionEndExcluding": "1.0.0.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0B2C00E1-4A23-4304-B92F-B7D9F4818D90"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC45DE2E-BC27-4710-A237-1EFB4CD06299", "versionEndExcluding": "1.0.2.144"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F285D60D-A5DA-4467-8F79-15EF8135D007"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3B1295F-3207-4DF4-BA5B-0DE7AB289636", "versionEndExcluding": "1.0.0.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A88D2A3-3B22-4639-94E9-69CE80F37392"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EE4BFF4-42DA-4A09-892E-6FBBE72B28A6", "versionEndExcluding": "1.0.0.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1D4DF51-84EA-4296-9E06-CE5E1F4A53D1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r7500v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "801B6E47-327F-4C7F-B3BD-CC08F94B19AC", "versionEndExcluding": "1.0.3.46"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r7500v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BCA6487-57EC-4630-884F-820BBFE25843"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C393DBF4-8281-4611-B591-CDB9DF0AA958", "versionEndExcluding": "1.0.2.74"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17CF7445-6950-45FE-9D1A-E23F63316329"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "617156D5-63CB-4533-A816-C7FCA2F1C0EF", "versionEndExcluding": "1.0.5.26"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F859165-8D89-4CDD-9D48-9C7923D2261F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3A5762A-D32D-459B-B6CE-C54F8704BDEF", "versionEndExcluding": "1.0.5.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D74F1BFC-562E-4E7D-BBAB-2F8B593B5A57"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B47F077-65E9-4971-975A-357B6CD4017F", "versionEndExcluding": "1.0.1.128"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1742BD56-84E4-40E1-8C04-098B3715161E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA82BFA7-9B98-408C-BE81-E8D7532780A2", "versionEndExcluding": "1.0.0.78"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "50BC8FA2-F9D5-4286-97DD-BD2A55EA234D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29D544D2-5FF5-4C86-94A9-5562B277ABDC", "versionEndExcluding": "1.0.2.80"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "958243A2-6829-464F-80EA-7DD5B6F0DD7A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E158EE92-A472-447D-BFFE-F2A74674326F", "versionEndExcluding": "1.0.0.74"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:wnr2000v5_firmware:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F024A464-DB7D-4F6E-A951-3D8068F86470"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BCFB551-95C6-4EEF-83F0-4246F67E6668", "versionEndExcluding": "2.3.2.66"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E203D92-F97B-4F5B-B395-3A5DEDBF1C1C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4021DFA-AEBD-4C6C-9793-48171990F8B3", "versionEndExcluding": "2.7.3.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6C9F31C-3E12-4787-9C9B-14883D9D152A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E0AC598-D991-49E0-86ED-4ABF0E42E504", "versionEndExcluding": "2.7.3.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AE5DBD66-9C2A-4EFF-87AB-03E791D584B5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C936668-6B8C-4497-A5A3-7C4B6CADB09B", "versionEndExcluding": "2.7.3.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "14FC7F5B-7E4F-4A68-8427-D1F553EBE8CA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA096BE4-3AE5-4AEA-B4C4-359D3A0C7F1E", "versionEndExcluding": "2.7.3.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12DDD83C-6FF1-433F-ACA1-7B4B147F9A8C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD3226E-1B9D-420E-AD7B-7D1DDC867D3F", "versionEndExcluding": "2.7.3.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A9E20E59-2B1E-4E43-A494-2C20FD716D4F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40435599-FC79-4563-BF8B-BB1F84BDA82D", "versionEndExcluding": "2.7.3.22"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6FDCDE39-0355-43B9-BF57-F3718DA2988D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}