First published: Sun Dec 26 2021(Updated: )
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.58, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.108, and XR700 before 1.0.1.20.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear D7800 Firmware | <1.0.1.58 | |
Netgear D7800 | ||
Netgear R7500v2 Firmware | <1.0.3.48 | |
Netgear R7500v2 | ||
NETGEAR R7800 firmware | <1.0.2.68 | |
NETGEAR R7800 | ||
Netgear R8900 Firmware | <1.0.5.2 | |
NETGEAR R8900 | ||
Netgear R9000 Firmware | <1.0.5.2 | |
NETGEAR R9000 | ||
Netgear Rax120 Firmware | <=1.0.1.108 | |
Netgear Rax120 | ||
Netgear Xr700 Firmware | <1.0.1.20 | |
Netgear Xr700 | ||
All of | ||
Netgear D7800 Firmware | <1.0.1.58 | |
Netgear D7800 | ||
All of | ||
Netgear R7500v2 Firmware | <1.0.3.48 | |
Netgear R7500v2 | ||
All of | ||
NETGEAR R7800 firmware | <1.0.2.68 | |
NETGEAR R7800 | ||
All of | ||
Netgear R8900 Firmware | <1.0.5.2 | |
NETGEAR R8900 | ||
All of | ||
Netgear R9000 Firmware | <1.0.5.2 | |
NETGEAR R9000 | ||
All of | ||
Netgear Rax120 Firmware | <=1.0.1.108 | |
Netgear Rax120 | ||
All of | ||
Netgear Xr700 Firmware | <1.0.1.20 | |
Netgear Xr700 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-45552 is a vulnerability that allows an authenticated user to perform command injection on certain NETGEAR devices.
CVE-2021-45552 affects D7800 before 1.0.1.58, R7500v2 before 1.0.3.48, R7800 before 1.0.2.68, R8900 before 1.0.5.2, R9000 before 1.0.5.2, RAX120 before 1.0.1.108, and XR700 before 1.0.1.20.
CVE-2021-45552 has a severity of 7.2 (High).
An authenticated user can exploit CVE-2021-45552 by injecting and executing arbitrary commands.
To fix CVE-2021-45552, ensure you are running the latest firmware version for your NETGEAR device.