CVE-2021-45617

Name of the Vulnerable Software and Affected Versions NETGEAR CBR40 versions prior to 2.5.0.24 NETGEAR EAX20 versions prior to 1.0.0.48 NETGEAR EAX80 versions prior to 1.0.1.64 NETGEAR EX7500 versions prior to 1.0.0.72 NETGEAR R6400 versions prior to 1.0.1.68 NETGEAR R6900P versions prior to 1.3.2.132 NETGEAR R7000 versions prior to 1.0.11.116 NETGEAR R7000P versions prior to 1.3.2.132 NETGEAR R7900 versions prior to 1.0.4.38 NETGEAR R7960P versions prior to 1.4.1.66 NETGEAR R8000 versions prior to 1.0.4.66 NETGEAR RAX200 versions prior to 1.0.3.106 NETGEAR RS400 versions prior to 1.5.1.80 NETGEAR XR300 versions prior to 1.0.3.68 NETGEAR MK62 versions prior to 1.0.6.110 NETGEAR MR60 versions prior to 1.0.6.110 NETGEAR R6400v2 versions prior to 1.0.4.106 NETGEAR R8000P versions prior to 1.4.1.66 NETGEAR RAX20 versions prior to 1.0.2.64 NETGEAR RAX45 versions prior to 1.0.2.82 NETGEAR RAX80 versions prior to 1.0.3.106 NETGEAR MS60 versions prior to 1.0.6.110 NETGEAR R6700v3 versions prior to 1.0.4.106 NETGEAR R7900P versions prior to 1.4.1.66 NETGEAR RAX15 versions prior to 1.0.2.64 NETGEAR RAX50 versions prior to 1.0.2.82 NETGEAR RAX75 versions prior to 1.0.3.106 NETGEAR RBR750 versions prior to 3.2.16.22 NETGEAR RBR850 versions prior to 3.2.16.22 NETGEAR RBS750 versions prior to 3.2.16.22 NETGEAR RBS850 versions prior to 3.2.16.22 NETGEAR RBK752 versions prior to 3.2.16.22 NETGEAR RBK852 versions prior to 3.2.16.22

Description The issue is related to command injection by an unauthenticated attacker due to insufficient input validation in the embedded software of NETGEAR Wi-Fi routers. This allows a remote attacker to execute arbitrary commands.

Recommendations Update NETGEAR CBR40 to version 2.5.0.24 or later Update NETGEAR EAX20 to version 1.0.0.48 or later Update NETGEAR EAX80 to version 1.0.1.64 or later Update NETGEAR EX7500 to version 1.0.0.72 or later Update NETGEAR R6400 to version 1.0.1.68 or later Update NETGEAR R6900P to version 1.3.2.132 or later Update NETGEAR R7000 to version 1.0.11.116 or later Update NETGEAR R7000P to version 1.3.2.132 or later Update NETGEAR R7900 to version 1.0.4.38 or later Update NETGEAR R7960P to version 1.4.1.66 or later Update NETGEAR R8000 to version 1.0.4.66 or later Update NETGEAR RAX200 to version 1.0.3.106 or later Update NETGEAR RS400 to version 1.5.1.80 or later Update NETGEAR XR300 to version 1.0.3.68 or later Update NETGEAR MK62 to version 1.0.6.110 or later Update NETGEAR MR60 to version 1.0.6.110 or later Update NETGEAR R6400v2 to version 1.0.4.106 or later Update NETGEAR R8000P to version 1.4.1.66 or later Update NETGEAR RAX20 to version 1.0.2.64 or later Update NETGEAR RAX45 to version 1.0.2.82 or later Update NETGEAR RAX80 to version 1.0.3.106 or later Update NETGEAR MS60 to version 1.0.6.110 or later Update NETGEAR R6700v3 to version 1.0.4.106 or later Update NETGEAR R7900P to version 1.4.1.66 or later Update NETGEAR RAX15 to version 1.0.2.64 or later Update NETGEAR RAX50 to version 1.0.2.82 or later Update NETGEAR RAX75 to version 1.0.3.106 or later Update NETGEAR RBR750 to version 3.2.16.22 or later Update NETGEAR RBR850 to version 3.2.16.22 or later Update NETGEAR RBS750 to version 3.2.16.22 or later Update NETGEAR RBS850 to version 3.2.16.22 or later Update NETGEAR RBK752 to version 3.2.16.22 or later Update NETGEAR RBK852 to version 3.2.16.22 or later