PT-2021-5749 · NetGear · R7000P+6
Published
2021-12-20
·
Updated
2022-07-12
·
CVE-2021-45499
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
R6900P versions prior to 1.3.3.140
R7000P versions prior to 1.3.3.140
R7900P versions prior to 1.4.2.84
R7960P versions prior to 1.4.2.84
R8000P versions prior to 1.4.2.84
RAX75 versions prior to 1.0.3.106
RAX80 versions prior to 1.0.3.106
Description
The issue is related to authentication bypass in certain NETGEAR devices. It is associated with shortcomings in the authentication procedure, which can be exploited by a remote attacker to elevate their privileges.
Recommendations
For R6900P version prior to 1.3.3.140, update to version 1.3.3.140 or later.
For R7000P version prior to 1.3.3.140, update to version 1.3.3.140 or later.
For R7900P version prior to 1.4.2.84, update to version 1.4.2.84 or later.
For R7960P version prior to 1.4.2.84, update to version 1.4.2.84 or later.
For R8000P version prior to 1.4.2.84, update to version 1.4.2.84 or later.
For RAX75 version prior to 1.0.3.106, update to version 1.0.3.106 or later.
For RAX80 version prior to 1.0.3.106, update to version 1.0.3.106 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
R6900P
R7000P
R7900P
R7960P
R8000P
Rax75
Rax80