PT-2021-4631 · NetGear · Netgear R7000+10
Xinan Zhou
·
Published
2021-09-27
·
Updated
2022-01-20
·
CVE-2021-34977
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
NETGEAR R7000 version 1.0.11.116 10.2.100
NETGEAR D7000v2 (affected versions not specified)
NETGEAR R6400 (affected versions not specified)
NETGEAR R6400v2 (affected versions not specified)
NETGEAR R6700v3 (affected versions not specified)
NETGEAR R6900P (affected versions not specified)
NETGEAR R7000P (affected versions not specified)
NETGEAR R8300 (affected versions not specified)
NETGEAR R8500 (affected versions not specified)
NETGEAR RS400 (affected versions not specified)
NETGEAR XR300 (affected versions not specified)
Description
This issue allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR routers. The specific flaw exists within the processing of SOAP requests, resulting from the lack of proper authentication verification before performing a password reset. An attacker can leverage this issue to reset the admin password. The vulnerability is related to deficiencies in the authentication procedure before executing a password reset.
Recommendations
For NETGEAR R7000 version 1.0.11.116 10.2.100, consider disabling the SOAP request processing functionality until a patch is available.
For other affected NETGEAR models, at the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Improper Authentication
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Netgear D7000V2
Netgear R6400
Netgear R6400V2
Netgear R6700V3
Netgear R6900P
Netgear R7000
Netgear R7000P
Netgear R8300
Netgear R8500
Netgear Rs400
Netgear Xr300