CVE-2021-45543: Command Injection
First published: Sun Dec 26 2021(Updated: )
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, R7900P before 1.4.2.84, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBK852 before 3.2.17.12.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear R8000 Firmware | <1.0.4.74 | |
| NETGEAR R8000 | ||
| Netgear R8000p Firmware | <1.4.2.84 | |
| Netgear R8000p | ||
| Netgear Rax200 Firmware | <1.0.4.120 | |
| NETGEAR RAX200 | ||
| Netgear R7900p Firmware | =1.4.2.84 | |
| Netgear R7900p | ||
| Netgear Rbr850 Firmware | <3.2.17.12 | |
| NETGEAR RBR850 | ||
| Netgear Rbs850 Firmware | <3.2.17.12 | |
| Netgear Rbs850 | ||
| Netgear Rbk852 Firmware | <3.2.17.12 | |
| Netgear Rbk852 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID for this vulnerability?
The CVE ID for this vulnerability is CVE-2021-45543.
Which NETGEAR devices are affected by this vulnerability?
This vulnerability affects NETGEAR devices including R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, R7900P before 1.4.2.84, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBK852 before 3.2.17.12.
What is the severity of CVE-2021-45543?
The severity of CVE-2021-45543 is high with a CVSS score of 6.8.
How does this vulnerability impact NETGEAR devices?
This vulnerability allows an authenticated user to execute arbitrary commands on the affected NETGEAR devices, potentially leading to unauthorized access and control.
How can I fix the vulnerability in my NETGEAR device?
To fix this vulnerability, you should update your affected NETGEAR device firmware to the latest version provided by the vendor.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/tags
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/netgear
- canonical/netgear r8000 firmware
- canonical/netgear r8000
- canonical/netgear r8000p firmware
- canonical/netgear r8000p
- canonical/netgear rax200 firmware
- canonical/netgear rax200
- canonical/netgear r7900p firmware
- version/netgear r7900p firmware/1.4.2.84
- canonical/netgear r7900p
- canonical/netgear rbr850 firmware
- canonical/netgear rbr850
- canonical/netgear rbs850 firmware
- canonical/netgear rbs850
- canonical/netgear rbk852 firmware
- canonical/netgear rbk852