First published: Sun Dec 26 2021(Updated: )
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBR20 before 2.7.3.22, RBR40 before 2.7.3.22, RBR50 before 2.7.2.102, RBS20 before 2.7.3.22, RBS40 before 2.7.3.22, RBR50 before 2.7.2.102, RBK20 before 2.7.3.22, RBK40 before 2.7.3.22, and RBK50 before 2.7.2.102.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Netgear Rbr20 Firmware | <2.7.3.22 | |
Netgear Rbr20 | ||
Netgear Rbr40 Firmware | <2.7.3.22 | |
Netgear Rbr40 | ||
Netgear Rbr50 Firmware | <2.7.2.102 | |
Netgear Rbr50 | ||
Netgear Rbs20 Firmware | <2.7.3.22 | |
Netgear Rbs20 | ||
Netgear Rbs40 Firmware | <2.7.3.22 | |
Netgear Rbs40 | ||
Netgear Rbk20 Firmware | <2.7.3.22 | |
Netgear Rbk20 | ||
Netgear Rbk40 Firmware | <2.7.3.22 | |
Netgear Rbk40 | ||
Netgear Rbk50 Firmware | <2.7.2.102 | |
Netgear Rbk50 | ||
All of | ||
Netgear Rbr20 Firmware | <2.7.3.22 | |
Netgear Rbr20 | ||
All of | ||
Netgear Rbr40 Firmware | <2.7.3.22 | |
Netgear Rbr40 | ||
All of | ||
Netgear Rbr50 Firmware | <2.7.2.102 | |
Netgear Rbr50 | ||
All of | ||
Netgear Rbs20 Firmware | <2.7.3.22 | |
Netgear Rbs20 | ||
All of | ||
Netgear Rbs40 Firmware | <2.7.3.22 | |
Netgear Rbs40 | ||
All of | ||
Netgear Rbk20 Firmware | <2.7.3.22 | |
Netgear Rbk20 | ||
All of | ||
Netgear Rbk40 Firmware | <2.7.3.22 | |
Netgear Rbk40 | ||
All of | ||
Netgear Rbk50 Firmware | <2.7.2.102 | |
Netgear Rbk50 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-45593 is a vulnerability that allows an authenticated user to execute arbitrary commands on certain NETGEAR devices.
CVE-2021-45593 affects the following NETGEAR devices: RBR20, RBR40, RBR50, RBS20, RBS40, RBK20, RBK40, and RBK50.
CVE-2021-45593 has a severity rating of 6.8 (high).
To fix CVE-2021-45593, update the affected NETGEAR devices to the latest firmware versions: RBR20 2.7.3.22, RBR40 2.7.3.22, RBR50 2.7.2.102, RBS20 2.7.3.22, RBS40 2.7.3.22, RBK20 2.7.3.22, RBK40 2.7.3.22, and RBK50 2.7.2.102.
You can find more information about CVE-2021-45593 in the NETGEAR Security Advisory: https://kb.netgear.com/000064474/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0175.