PT-2021-5750 · NetGear · Netgear R7000P+1

Published

2021-09-25

Updated

2022-07-12

CVE-2021-45500

CVSS v3.1

9.6

Critical

Vector

AC:L/AV:A/A:L/C:H/I:H/PR:N/S:C/UI:N

Name of the Vulnerable Software and Affected Versions NETGEAR R7000P versions prior to 1.3.3.140 NETGEAR R8000 versions prior to 1.0.4.68

Description The issue is related to authentication bypass due to insufficient authentication procedure in the software of Wi-Fi routers. This can allow a remote attacker to elevate their privileges.

Recommendations For NETGEAR R7000P versions prior to 1.3.3.140, update to version 1.3.3.140 or later. For NETGEAR R8000 versions prior to 1.0.4.68, update to version 1.0.4.68 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

BDU:2022-00193

CVE-2021-45500

Affected Products

Netgear R7000P

Netgear R8000

PT-2021-5750 · NetGear · Netgear R7000P+1

CVE-2021-45500

Weakness Enumeration

Related Identifiers

Affected Products

References · 4