PT-2021-18058 · NetGear · Netgear Wnr2000V5+2

Published

2021-03-23

Updated

2021-03-26

CVE-2021-29069

CVSS v3.1

8.4

High

Vector

AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: NETGEAR XR450 versions prior to 2.3.2.114 NETGEAR XR500 versions prior to 2.3.2.114 NETGEAR WNR2000v5 versions prior to 1.0.0.76

Description: The issue is related to command injection by an authenticated user.

Recommendations: For NETGEAR XR450 versions prior to 2.3.2.114, update to version 2.3.2.114 or later. For NETGEAR XR500 versions prior to 2.3.2.114, update to version 2.3.2.114 or later. For NETGEAR WNR2000v5 versions prior to 1.0.0.76, update to version 1.0.0.76 or later.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2021-29069

Affected Products

Netgear Wnr2000V5

Netgear Xr450

Netgear Xr500

PT-2021-18058 · NetGear · Netgear Wnr2000V5+2

CVE-2021-29069

Weakness Enumeration

Related Identifiers

Affected Products

References · 6