PT-2021-5884 · NetGear · Srr60+7
Published
2021-12-22
·
Updated
2022-01-07
·
CVE-2021-45645
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
RBS50Y versions prior to 2.7.0.122
SRK60 versions prior to 2.7.0.122
SRR60 versions prior to 2.7.0.122
SRS60 versions prior to 2.7.0.122
SXK30 versions prior to 3.2.33.108
SXR30 versions prior to 3.2.33.108
SXS30 versions prior to 3.2.33.108
SRC60 versions prior to 2.7.0.122
Description
The issue is related to the incorrect configuration of security settings in certain NETGEAR devices, which may allow a remote attacker to compromise the integrity and confidentiality of protected information. This is due to insufficient protection of service data.
Recommendations
For RBS50Y versions prior to 2.7.0.122, update to version 2.7.0.122 or later.
For SRK60 versions prior to 2.7.0.122, update to version 2.7.0.122 or later.
For SRR60 versions prior to 2.7.0.122, update to version 2.7.0.122 or later.
For SRS60 versions prior to 2.7.0.122, update to version 2.7.0.122 or later.
For SXK30 versions prior to 3.2.33.108, update to version 3.2.33.108 or later.
For SXR30 versions prior to 3.2.33.108, update to version 3.2.33.108 or later.
For SXS30 versions prior to 3.2.33.108, update to version 3.2.33.108 or later.
For SRC60 versions prior to 2.7.0.122, update to version 2.7.0.122 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rbs50Y
Src60
Srk60
Srr60
Srs60
Sxk30
Sxr30
Sxs30