PT-2021-5841 · NetGear · Netgear Xr1000+2

Published

2021-12-26

Updated

2022-01-05

CVE-2021-45643

CVSS v3.1

8.2

High

Vector

AC:L/AV:A/A:N/C:H/I:L/PR:N/S:C/UI:N

Name of the Vulnerable Software and Affected Versions NETGEAR R6400v2 versions prior to 1.0.4.118 NETGEAR R6700v3 versions prior to 1.0.4.118 NETGEAR XR1000 versions prior to 1.0.0.58

Description The issue is related to the incorrect configuration of security settings in certain NETGEAR devices, which may allow a remote attacker to bypass security mechanisms.

Recommendations For NETGEAR R6400v2 versions prior to 1.0.4.118, update to version 1.0.4.118 or later. For NETGEAR R6700v3 versions prior to 1.0.4.118, update to version 1.0.4.118 or later. For NETGEAR XR1000 versions prior to 1.0.0.58, update to version 1.0.0.58 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2022-00356

CVE-2021-45643

Affected Products

Netgear R6400V2

Netgear R6700V3

Netgear Xr1000

PT-2021-5841 · NetGear · Netgear Xr1000+2

CVE-2021-45643

Weakness Enumeration

Related Identifiers

Affected Products

References · 4