What is the severity of CVE-2021-45619?

CVE-2021-45619 is classified as a high-severity vulnerability due to its potential for command injection by unauthenticated attackers.

How do I fix CVE-2021-45619?

To mitigate CVE-2021-45619, users should upgrade their affected NETGEAR devices to the latest firmware versions that address this vulnerability.

Which devices are affected by CVE-2021-45619?

CVE-2021-45619 affects several NETGEAR devices including, but not limited to, EX6200v2, EX6250, EX7700, and R7800.

Can CVE-2021-45619 be exploited remotely?

Yes, CVE-2021-45619 can be exploited remotely by an unauthenticated attacker, increasing the risk associated with this vulnerability.

What type of vulnerability is CVE-2021-45619?

CVE-2021-45619 is a command injection vulnerability that allows attackers to execute arbitrary commands on affected systems.

Vulnerability/
CVE-2021-45619

critical

CWE

26/12/2021

21/11/2024

CVE-2021-45619: Command Injection

First published: Sun Dec 26 2021(Updated: )

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.134, EX7700 before 1.0.0.216, EX8000 before 1.0.1.232, LBR1020 before 2.6.3.58, LBR20 before 2.6.3.50, R7800 before 1.0.2.80, R8900 before 1.0.5.26, R9000 before 1.0.5.26, RBS50Y before 2.7.3.22, WNR2000v5 before 1.0.0.76, XR700 before 1.0.1.36, EX6150v2 before 1.0.1.98, EX7300 before 1.0.2.158, EX7320 before 1.0.0.134, RAX10 before 1.0.2.88, RAX120 before 1.2.0.16, RAX70 before 1.0.2.88, EX6100v2 before 1.0.1.98, EX6400 before 1.0.2.158, EX7300v2 before 1.0.0.134, R6700AX before 1.0.2.88, RAX120v2 before 1.2.0.16, RAX78 before 1.0.2.88, EX6410 before 1.0.0.134, RBR10 before 2.7.3.22, RBR20 before 2.7.3.22, RBR350 before 4.3.4.7, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, EX6420 before 1.0.0.134, RBS10 before 2.7.3.22, RBS20 before 2.7.3.22, RBS350 before 4.3.4.7, RBS40 before 2.7.3.22, RBS50 before 2.7.3.22, EX6400v2 before 1.0.0.134, RBK12 before 2.7.3.22, RBK20 before 2.7.3.22, RBK352 before 4.3.4.7, RBK40 before 2.7.3.22, and RBK50 before 2.7.3.22.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
All of
NETGEAR EX6250	<1.0.0.134
NETGEAR EX6250
All of
NETGEAR EX7700	<1.0.0.216
NETGEAR EX7700
All of
NETGEAR EX8000	<1.0.1.232
NETGEAR EX8000
All of
NETGEAR LBR1020 firmware	<2.6.3.58
NETGEAR LBR1020 firmware
All of
NETGEAR LBR20 firmware	<2.6.3.50
NETGEAR LBR20 firmware
All of
NETGEAR R7800 firmware	<1.0.2.80
NETGEAR R7800
All of
NETGEAR R8900 firmware	<1.0.5.26
NETGEAR R8900
All of
NETGEAR RBS50Y firmware	<2.7.3.22
NETGEAR RBS50Y firmware
All of
NETGEAR WNR2000v5 firmware	<1.0.0.76
NETGEAR WNR2000v5 firmware
All of
NETGEAR XR700	<1.0.1.36
NETGEAR XR700 firmware
All of
NETGEAR EX6150v2 firmware	<1.0.1.98
NETGEAR EX6150v2 firmware
All of
NETGEAR EX7300	<1.0.2.158
NETGEAR EX7300v2
All of
NETGEAR EX7320	<1.0.0.134
NETGEAR EX7320
All of
NETGEAR RAX10 firmware	<1.0.2.88
NETGEAR RAX10
All of
NETGEAR RAX120 firmware	<1.2.0.16
NETGEAR RAX120 firmware
All of
NETGEAR RAX70 firmware	<1.0.2.88
NETGEAR RAX70 firmware
All of
NETGEAR EX6100v2 firmware	<1.0.1.98
NETGEAR EX6100v2 firmware
All of
NETGEAR EX6400 firmware	<1.0.2.158
NETGEAR EX6400v2
All of
NETGEAR EX7300v2 firmware	<1.0.0.134
NETGEAR EX7300v2 firmware
All of
NETGEAR R6700AX firmware	<1.0.2.88
NETGEAR R6700AX firmware
All of
NETGEAR RAX120v2 firmware	<1.2.0.16
NETGEAR RAX120v2 firmware
All of
NETGEAR RAX78 firmware	<1.0.2.88
NETGEAR RAX78 firmware
All of
NETGEAR EX6410	<1.0.0.134
NETGEAR EX6410
All of
NETGEAR RBR10 firmware	<2.7.3.22
NETGEAR RBR10 firmware
All of
NETGEAR RBR20	<2.7.3.22
NETGEAR RBR20
All of
NETGEAR RBR350 firmware	<4.3.4.7
NETGEAR RBR350 firmware
All of
NETGEAR CBR40 firmware	<2.7.3.22
NETGEAR RBR40 firmware
All of
NETGEAR RBR50 firmware	<2.7.3.22
NETGEAR RBR50 firmware
All of
NETGEAR EX6420	<1.0.0.134
NETGEAR EX6420
All of
NETGEAR RBS10	<2.7.3.22
NETGEAR RBS10 firmware
All of
NETGEAR RBS20 firmware	<2.7.3.22
NETGEAR RBS20 firmware
All of
NETGEAR RBS350	<4.3.4.7
NETGEAR RBS350 firmware
All of
NETGEAR RBS40 firmware	<2.7.3.22
NETGEAR RBS40 firmware
All of
NETGEAR RBS50 firmware	<2.7.3.22
NETGEAR RBS50
All of
NETGEAR EX6400v2 firmware	<1.0.0.134
NETGEAR EX6400v2 firmware
All of
NETGEAR RBK12 firmware	<2.7.3.22
NETGEAR RBK12 firmware
All of
NETGEAR RBK20 Router Firmware	<2.7.3.22
NETGEAR RBK20 firmware
All of
NETGEAR RBK352	<4.3.4.7
NETGEAR RBK352
All of
NETGEAR RBK40	<2.7.3.22
NETGEAR RBK40 firmware
All of
NETGEAR RBK50 firmware	<2.7.3.22
NETGEAR RBK50
All of
NETGEAR EX6200v2 firmware	<1.0.1.86
NETGEAR EX6200v2 firmware
All of
NETGEAR R9000 firmware	<1.0.5.26
NETGEAR R9000 firmware
NETGEAR EX6250	<1.0.0.134
NETGEAR EX6250
NETGEAR EX7700	<1.0.0.216
NETGEAR EX7700
NETGEAR EX8000	<1.0.1.232
NETGEAR EX8000
NETGEAR LBR1020 firmware	<2.6.3.58
NETGEAR LBR1020 firmware
NETGEAR LBR20 firmware	<2.6.3.50
NETGEAR LBR20 firmware
NETGEAR R7800 firmware	<1.0.2.80
NETGEAR R7800
NETGEAR R8900 firmware	<1.0.5.26
NETGEAR R8900
NETGEAR RBS50Y firmware	<2.7.3.22
NETGEAR RBS50Y firmware
NETGEAR WNR2000v5 firmware	<1.0.0.76
NETGEAR WNR2000v5 firmware
NETGEAR XR700	<1.0.1.36
NETGEAR XR700 firmware
NETGEAR EX6150v2 firmware	<1.0.1.98
NETGEAR EX6150v2 firmware
NETGEAR EX7300	<1.0.2.158
NETGEAR EX7300v2
NETGEAR EX7320	<1.0.0.134
NETGEAR EX7320
NETGEAR RAX10 firmware	<1.0.2.88
NETGEAR RAX10
NETGEAR RAX120 firmware	<1.2.0.16
NETGEAR RAX120 firmware
NETGEAR RAX70 firmware	<1.0.2.88
NETGEAR RAX70 firmware
NETGEAR EX6100v2 firmware	<1.0.1.98
NETGEAR EX6100v2 firmware
NETGEAR EX6400 firmware	<1.0.2.158
NETGEAR EX6400v2
NETGEAR EX7300v2 firmware	<1.0.0.134
NETGEAR EX7300v2 firmware
NETGEAR R6700AX firmware	<1.0.2.88
NETGEAR R6700AX firmware
NETGEAR RAX120v2 firmware	<1.2.0.16
NETGEAR RAX120v2 firmware
NETGEAR RAX78 firmware	<1.0.2.88
NETGEAR RAX78 firmware
NETGEAR EX6410	<1.0.0.134
NETGEAR EX6410
NETGEAR RBR10 firmware	<2.7.3.22
NETGEAR RBR10 firmware
NETGEAR RBR20	<2.7.3.22
NETGEAR RBR20
NETGEAR RBR350 firmware	<4.3.4.7
NETGEAR RBR350 firmware
NETGEAR CBR40 firmware	<2.7.3.22
NETGEAR RBR40 firmware
NETGEAR RBR50 firmware	<2.7.3.22
NETGEAR RBR50 firmware
NETGEAR EX6420	<1.0.0.134
NETGEAR EX6420
NETGEAR RBS10	<2.7.3.22
NETGEAR RBS10 firmware
NETGEAR RBS20 firmware	<2.7.3.22
NETGEAR RBS20 firmware
NETGEAR RBS350	<4.3.4.7
NETGEAR RBS350 firmware
NETGEAR RBS40 firmware	<2.7.3.22
NETGEAR RBS40 firmware
NETGEAR RBS50 firmware	<2.7.3.22
NETGEAR RBS50
NETGEAR EX6400v2 firmware	<1.0.0.134
NETGEAR EX6400v2 firmware
NETGEAR RBK12 firmware	<2.7.3.22
NETGEAR RBK12 firmware
NETGEAR RBK20 Router Firmware	<2.7.3.22
NETGEAR RBK20 firmware
NETGEAR RBK352	<4.3.4.7
NETGEAR RBK352
NETGEAR RBK40	<2.7.3.22
NETGEAR RBK40 firmware
NETGEAR RBK50 firmware	<2.7.3.22
NETGEAR RBK50
NETGEAR EX6200v2 firmware	<1.0.1.86
NETGEAR EX6200v2 firmware
NETGEAR R9000 firmware	<1.0.5.26
NETGEAR R9000 firmware

Never miss a vulnerability like this again

Reference Links

https://kb.netgear.com/000064492/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0435

Frequently Asked Questions

What is the severity of CVE-2021-45619?
CVE-2021-45619 is classified as a high-severity vulnerability due to its potential for command injection by unauthenticated attackers.
How do I fix CVE-2021-45619?
To mitigate CVE-2021-45619, users should upgrade their affected NETGEAR devices to the latest firmware versions that address this vulnerability.
Which devices are affected by CVE-2021-45619?
CVE-2021-45619 affects several NETGEAR devices including, but not limited to, EX6200v2, EX6250, EX7700, and R7800.
Can CVE-2021-45619 be exploited remotely?
Yes, CVE-2021-45619 can be exploited remotely by an unauthenticated attacker, increasing the risk associated with this vulnerability.
What type of vulnerability is CVE-2021-45619?
CVE-2021-45619 is a command injection vulnerability that allows attackers to execute arbitrary commands on affected systems.