First published: Sun Dec 26 2021(Updated: )
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, R7900P before 1.4.2.84, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBK852 before 3.2.17.12.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear R8000 Firmware | <1.0.4.74 | |
NETGEAR R8000 | ||
Netgear R8000p Firmware | <1.4.2.84 | |
Netgear R8000p | ||
Netgear Rax200 Firmware | <1.0.4.120 | |
NETGEAR RAX200 | ||
Netgear R7900p Firmware | =1.4.2.84 | |
Netgear R7900p | ||
Netgear Rbr850 Firmware | <3.2.17.12 | |
NETGEAR RBR850 | ||
Netgear Rbs850 Firmware | <3.2.17.12 | |
Netgear Rbs850 | ||
Netgear Rbk852 Firmware | <3.2.17.12 | |
Netgear Rbk852 | ||
All of | ||
Netgear R8000 Firmware | <1.0.4.74 | |
NETGEAR R8000 | ||
All of | ||
Netgear R8000p Firmware | <1.4.2.84 | |
Netgear R8000p | ||
All of | ||
Netgear Rax200 Firmware | <1.0.4.120 | |
NETGEAR RAX200 | ||
All of | ||
Netgear R7900p Firmware | =1.4.2.84 | |
Netgear R7900p | ||
All of | ||
Netgear Rbr850 Firmware | <3.2.17.12 | |
NETGEAR RBR850 | ||
All of | ||
Netgear Rbs850 Firmware | <3.2.17.12 | |
Netgear Rbs850 | ||
All of | ||
Netgear Rbk852 Firmware | <3.2.17.12 | |
Netgear Rbk852 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The CVE ID for this vulnerability is CVE-2021-45543.
This vulnerability affects NETGEAR devices including R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, R7900P before 1.4.2.84, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBK852 before 3.2.17.12.
The severity of CVE-2021-45543 is high with a CVSS score of 6.8.
This vulnerability allows an authenticated user to execute arbitrary commands on the affected NETGEAR devices, potentially leading to unauthorized access and control.
To fix this vulnerability, you should update your affected NETGEAR device firmware to the latest version provided by the vendor.