CRITICAL✓ PATCH🇬🇧 English

CVE-2021-45626

CVSS 9.6v3.1pub. 2021-12-26upd. 2024-11-21

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK20 before 2.6.1.36, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, and RBS50Y before 2.6.1.40.

oryginał EN
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Netgear Rbk20

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbk20 Firmware

    OS
    Netgear
    < 2.6.1.38
  • Netgear Rbk40

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbk40 Firmware

    OS
    Netgear
    < 2.6.1.38
  • Netgear Rbk50

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbk50 Firmware

    OS
    Netgear
    < 2.6.1.40
  • Netgear Rbr20

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbr20 Firmware

    OS
    Netgear
    < 2.6.1.36
  • Netgear Rbr40

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbr40 Firmware

    OS
    Netgear
    < 2.6.1.36
  • Netgear Rbr50

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbr50 Firmware

    OS
    Netgear
    < 2.6.1.40
  • Netgear Rbs20

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbs20 Firmware

    OS
    Netgear
    < 2.6.1.38
  • Netgear Rbs40

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbs40 Firmware

    OS
    Netgear
    < 2.6.1.38
  • Netgear Rbs50

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbs50 Firmware

    OS
    Netgear
    < 2.6.1.40
  • Netgear Rbs50y

    HW
    Netgear
    wszystkie wersje
  • Netgear Rbs50y Firmware

    OS
    Netgear
    < 2.6.1.40
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2021-45619CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v...

CVE-2021-45618CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 b...

CVE-2021-38530CRITICAL9.6ten sam produkt

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK40 b...

CVE-2021-38516CRITICAL10.0ten sam produkt

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 befor...

CVE-2022-40619HIGH7.7ten sam produkt

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server ...