CVE-2021-45596

Name of the Vulnerable Software and Affected Versions NETGEAR CBR750 versions prior to 4.6.3.6 NETGEAR RBK752 versions prior to 3.2.17.12 NETGEAR RBR750 versions prior to 3.2.17.12 NETGEAR RBS750 versions prior to 3.2.17.12 NETGEAR RBK852 versions prior to 3.2.17.12 NETGEAR RBR850 versions prior to 3.2.17.12 NETGEAR RBS850 versions prior to 3.2.17.12

Description The issue is related to the lack of input data sanitization in the embedded software of certain NETGEAR devices, which can be exploited by an authenticated user to inject commands. This allows a remote attacker to execute arbitrary commands.

Recommendations For NETGEAR CBR750 versions prior to 4.6.3.6, update to version 4.6.3.6 or later. For NETGEAR RBK752 versions prior to 3.2.17.12, update to version 3.2.17.12 or later. For NETGEAR RBR750 versions prior to 3.2.17.12, update to version 3.2.17.12 or later. For NETGEAR RBS750 versions prior to 3.2.17.12, update to version 3.2.17.12 or later. For NETGEAR RBK852 versions prior to 3.2.17.12, update to version 3.2.17.12 or later. For NETGEAR RBR850 versions prior to 3.2.17.12, update to version 3.2.17.12 or later. For NETGEAR RBS850 versions prior to 3.2.17.12, update to version 3.2.17.12 or later.