CVE-2021-45547

Name of the Vulnerable Software and Affected Versions NETGEAR R7850 versions prior to 1.0.5.74 NETGEAR R7900P versions prior to 1.4.2.84 NETGEAR R7960P versions prior to 1.4.2.84 NETGEAR R8000 versions prior to 1.0.4.74 NETGEAR R8000P versions prior to 1.4.2.84 NETGEAR RAX200 versions prior to 1.0.4.120 NETGEAR RAX75 versions prior to 1.0.4.120 NETGEAR RAX80 versions prior to 1.0.4.120 NETGEAR RBK752 versions prior to 3.2.17.12 NETGEAR RBK852 versions prior to 3.2.17.12 NETGEAR RBR750 versions prior to 3.2.17.12 NETGEAR RBR850 versions prior to 3.2.17.12 NETGEAR RBS750 versions prior to 3.2.17.12 NETGEAR RBS850 versions prior to 3.2.17.12

Description The issue is related to the lack of input data sanitization in the embedded software of certain NETGEAR devices, which can be exploited by an authenticated user to inject commands. This could allow a remote attacker to execute arbitrary commands.

Recommendations Update R7850 to version 1.0.5.74 or later Update R7900P to version 1.4.2.84 or later Update R7960P to version 1.4.2.84 or later Update R8000 to version 1.0.4.74 or later Update R8000P to version 1.4.2.84 or later Update RAX200 to version 1.0.4.120 or later Update RAX75 to version 1.0.4.120 or later Update RAX80 to version 1.0.4.120 or later Update RBK752 to version 3.2.17.12 or later Update RBK852 to version 3.2.17.12 or later Update RBR750 to version 3.2.17.12 or later Update RBR850 to version 3.2.17.12 or later Update RBS750 to version 3.2.17.12 or later Update RBS850 to version 3.2.17.12 or later