Search criteria
7 vulnerabilities found for rbk53 by netgear
VAR-202103-0947
Vulnerability from variot - Updated: 2024-11-23 22:57This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12355 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "ex6150v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6100v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6420",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6410",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-262"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "NVD",
"id": "CVE-2021-27256"
}
]
},
"credits": {
"_id": null,
"data": "takeshi",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-262"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27256",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27256",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27256",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27256",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27256",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27256",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27256",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-27256",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-27256",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-1749",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-27256",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-262"
},
{
"db": "VULMON",
"id": "CVE-2021-27256"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1749"
},
{
"db": "NVD",
"id": "CVE-2021-27256"
},
{
"db": "NVD",
"id": "CVE-2021-27256"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12355 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27256"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "ZDI",
"id": "ZDI-21-262"
},
{
"db": "VULMON",
"id": "CVE-2021-27256"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27256",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-21-262",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12355",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1749",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27256",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-262"
},
{
"db": "VULMON",
"id": "CVE-2021-27256"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1749"
},
{
"db": "NVD",
"id": "CVE-2021-27256"
}
]
},
"id": "VAR-202103-0947",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26161140789473686
},
"last_update_date": "2024-11-23T22:57:58.511000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders",
"trust": 1.5,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142980"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-262"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1749"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "NVD",
"id": "CVE-2021-27256"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.2,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-262/"
},
{
"trust": 2.4,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27256"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-262"
},
{
"db": "VULMON",
"id": "CVE-2021-27256"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1749"
},
{
"db": "NVD",
"id": "CVE-2021-27256"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-262",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2021-27256",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004431",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1749",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27256",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-26T00:00:00",
"db": "ZDI",
"id": "ZDI-21-262",
"ident": null
},
{
"date": "2021-03-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27256",
"ident": null
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004431",
"ident": null
},
{
"date": "2021-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1749",
"ident": null
},
{
"date": "2021-03-05T20:15:12.550000",
"db": "NVD",
"id": "CVE-2021-27256",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-26T00:00:00",
"db": "ZDI",
"id": "ZDI-21-262",
"ident": null
},
{
"date": "2021-03-16T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27256",
"ident": null
},
{
"date": "2021-11-22T05:39:00",
"db": "JVNDB",
"id": "JVNDB-2021-004431",
"ident": null
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1749",
"ident": null
},
{
"date": "2024-11-21T05:57:42.160000",
"db": "NVD",
"id": "CVE-2021-27256",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1749"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0R7800\u00a0 In firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004431"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1749"
}
],
"trust": 0.6
}
}
VAR-202103-0948
Vulnerability from variot - Updated: 2024-11-23 22:54This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. NETGEAR R7800 There is a certificate validation vulnerability in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-12362 Was numbered.Information may be tampered with. Netgear NETGEAR R7800 is a wireless router from Netgear
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 1.3,
"vendor": "netgear",
"version": null
},
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "ex6150v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6410",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6420",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6100v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-264"
},
{
"db": "CNVD",
"id": "CNVD-2021-14775"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "NVD",
"id": "CVE-2021-27257"
}
]
},
"credits": {
"_id": null,
"data": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-264"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27257",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27257",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2021-14775",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27257",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27257",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27257",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27257",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27257",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-27257",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2021-27257",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2021-14775",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-1752",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-27257",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-264"
},
{
"db": "CNVD",
"id": "CNVD-2021-14775"
},
{
"db": "VULMON",
"id": "CVE-2021-27257"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1752"
},
{
"db": "NVD",
"id": "CVE-2021-27257"
},
{
"db": "NVD",
"id": "CVE-2021-27257"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. NETGEAR R7800 There is a certificate validation vulnerability in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-12362 Was numbered.Information may be tampered with. Netgear NETGEAR R7800 is a wireless router from Netgear",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27257"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "ZDI",
"id": "ZDI-21-264"
},
{
"db": "CNVD",
"id": "CNVD-2021-14775"
},
{
"db": "VULMON",
"id": "CVE-2021-27257"
}
],
"trust": 2.88
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27257",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-21-264",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12362",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2021-14775",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1752",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27257",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-264"
},
{
"db": "CNVD",
"id": "CNVD-2021-14775"
},
{
"db": "VULMON",
"id": "CVE-2021-27257"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1752"
},
{
"db": "NVD",
"id": "CVE-2021-27257"
}
]
},
"id": "VAR-202103-0948",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-14775"
}
],
"trust": 0.8616114078947368
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-14775"
}
]
},
"last_update_date": "2024-11-23T22:54:53.310000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders",
"trust": 1.5,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "Patch for NETGEAR remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/251011"
},
{
"title": "NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142983"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-264"
},
{
"db": "CNVD",
"id": "CNVD-2021-14775"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1752"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-295",
"trust": 1.0
},
{
"problemtype": "Bad certificate verification (CWE-295) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "NVD",
"id": "CVE-2021-27257"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-264/"
},
{
"trust": 2.4,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27257"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-264"
},
{
"db": "CNVD",
"id": "CNVD-2021-14775"
},
{
"db": "VULMON",
"id": "CVE-2021-27257"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1752"
},
{
"db": "NVD",
"id": "CVE-2021-27257"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-264",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2021-14775",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2021-27257",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004503",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1752",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27257",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-26T00:00:00",
"db": "ZDI",
"id": "ZDI-21-264",
"ident": null
},
{
"date": "2021-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-14775",
"ident": null
},
{
"date": "2021-03-05T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27257",
"ident": null
},
{
"date": "2021-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004503",
"ident": null
},
{
"date": "2021-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1752",
"ident": null
},
{
"date": "2021-03-05T20:15:12.660000",
"db": "NVD",
"id": "CVE-2021-27257",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-06-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-264",
"ident": null
},
{
"date": "2021-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-14775",
"ident": null
},
{
"date": "2021-03-17T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27257",
"ident": null
},
{
"date": "2021-11-24T03:20:00",
"db": "JVNDB",
"id": "JVNDB-2021-004503",
"ident": null
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1752",
"ident": null
},
{
"date": "2024-11-21T05:57:42.320000",
"db": "NVD",
"id": "CVE-2021-27257",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1752"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0R7800\u00a0 Firmware validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004503"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1752"
}
],
"trust": 0.6
}
}
VAR-202104-1037
Vulnerability from variot - Updated: 2024-11-23 22:54This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308. Zero Day Initiative To this vulnerability ZDI-CAN-12308 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6410",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6150",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6100v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-247"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "NVD",
"id": "CVE-2021-27251"
}
]
},
"credits": {
"_id": null,
"data": "Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-247"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27251",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27251",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27251",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27251",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27251",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27251",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27251",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-27251",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-27251",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-1136",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-247"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1136"
},
{
"db": "NVD",
"id": "CVE-2021-27251"
},
{
"db": "NVD",
"id": "CVE-2021-27251"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308. Zero Day Initiative To this vulnerability ZDI-CAN-12308 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27251"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "ZDI",
"id": "ZDI-21-247"
},
{
"db": "VULMON",
"id": "CVE-2021-27251"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27251",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-21-247",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12308",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1136",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27251",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-247"
},
{
"db": "VULMON",
"id": "CVE-2021-27251"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1136"
},
{
"db": "NVD",
"id": "CVE-2021-27251"
}
]
},
"id": "VAR-202104-1037",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.25201656722222227
},
"last_update_date": "2024-11-23T22:54:48.346000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders",
"trust": 1.5,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "Netgear NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147498"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-247"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1136"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-319",
"trust": 1.0
},
{
"problemtype": "Sending important information in clear text (CWE-319) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "NVD",
"id": "CVE-2021-27251"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-247/"
},
{
"trust": 2.4,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27251"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/319.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-247"
},
{
"db": "VULMON",
"id": "CVE-2021-27251"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1136"
},
{
"db": "NVD",
"id": "CVE-2021-27251"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-247",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2021-27251",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006381",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1136",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27251",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-247",
"ident": null
},
{
"date": "2021-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27251",
"ident": null
},
{
"date": "2022-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-006381",
"ident": null
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-1136",
"ident": null
},
{
"date": "2021-04-14T16:15:13.657000",
"db": "NVD",
"id": "CVE-2021-27251",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-247",
"ident": null
},
{
"date": "2021-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27251",
"ident": null
},
{
"date": "2022-01-06T05:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-006381",
"ident": null
},
{
"date": "2021-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-1136",
"ident": null
},
{
"date": "2024-11-21T05:57:41.280000",
"db": "NVD",
"id": "CVE-2021-27251",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-1136"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0Nighthawk\u00a0R7800\u00a0 Vulnerability in plaintext transmission of important information in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006381"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-1136"
}
],
"trust": 0.6
}
}
VAR-202104-1038
Vulnerability from variot - Updated: 2024-11-23 22:47This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12216 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6410",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6150",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6100v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-248"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "NVD",
"id": "CVE-2021-27252"
}
]
},
"credits": {
"_id": null,
"data": "atdog (@atdog_tw)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-248"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27252",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27252",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27252",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27252",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27252",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27252",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27252",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-27252",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-27252",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-1073",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-248"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1073"
},
{
"db": "NVD",
"id": "CVE-2021-27252"
},
{
"db": "NVD",
"id": "CVE-2021-27252"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216. NETGEAR R7800 For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-12216 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "ZDI",
"id": "ZDI-21-248"
},
{
"db": "VULMON",
"id": "CVE-2021-27252"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27252",
"trust": 4.0
},
{
"db": "ZDI",
"id": "ZDI-21-248",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12216",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1073",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27252",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-248"
},
{
"db": "VULMON",
"id": "CVE-2021-27252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1073"
},
{
"db": "NVD",
"id": "CVE-2021-27252"
}
]
},
"id": "VAR-202104-1038",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.25201656722222227
},
"last_update_date": "2024-11-23T22:47:39.525000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders",
"trust": 1.5,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "Netgear NETGEAR R7800 Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147594"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-248"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1073"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "NVD",
"id": "CVE-2021-27252"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-248/"
},
{
"trust": 2.4,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27252"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-248"
},
{
"db": "VULMON",
"id": "CVE-2021-27252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1073"
},
{
"db": "NVD",
"id": "CVE-2021-27252"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-248",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2021-27252",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-006382",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1073",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27252",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-248",
"ident": null
},
{
"date": "2021-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27252",
"ident": null
},
{
"date": "2022-01-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-006382",
"ident": null
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-1073",
"ident": null
},
{
"date": "2021-04-14T16:15:13.737000",
"db": "NVD",
"id": "CVE-2021-27252",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-248",
"ident": null
},
{
"date": "2021-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27252",
"ident": null
},
{
"date": "2022-01-06T05:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-006382",
"ident": null
},
{
"date": "2021-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-1073",
"ident": null
},
{
"date": "2024-11-21T05:57:41.453000",
"db": "NVD",
"id": "CVE-2021-27252",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-1073"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0R7800\u00a0 In firmware \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-006382"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-1073"
}
],
"trust": 0.6
}
}
VAR-202103-0946
Vulnerability from variot - Updated: 2024-11-23 22:33This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. Zero Day Initiative To this vulnerability ZDI-CAN-12360 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "ex6150v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6100v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6420",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6410",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-263"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "NVD",
"id": "CVE-2021-27255"
}
]
},
"credits": {
"_id": null,
"data": "STARLabs",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-263"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27255",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27255",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27255",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27255",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-27255",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27255",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27255",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27255",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-27255",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-27255",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-1751",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-263"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1751"
},
{
"db": "NVD",
"id": "CVE-2021-27255"
},
{
"db": "NVD",
"id": "CVE-2021-27255"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360. Zero Day Initiative To this vulnerability ZDI-CAN-12360 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27255"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "ZDI",
"id": "ZDI-21-263"
}
],
"trust": 2.25
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27255",
"trust": 3.1
},
{
"db": "ZDI",
"id": "ZDI-21-263",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12360",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1751",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-263"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1751"
},
{
"db": "NVD",
"id": "CVE-2021-27255"
}
]
},
"id": "VAR-202103-0946",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26161140789473686
},
"last_update_date": "2024-11-23T22:33:06.689000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders",
"trust": 1.5,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142982"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-263"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1751"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
},
{
"problemtype": "Lack of authentication for important features (CWE-306) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "NVD",
"id": "CVE-2021-27255"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.0,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-263/"
},
{
"trust": 2.3,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27255"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-263"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1751"
},
{
"db": "NVD",
"id": "CVE-2021-27255"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-263",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004433",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1751",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27255",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-26T00:00:00",
"db": "ZDI",
"id": "ZDI-21-263",
"ident": null
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004433",
"ident": null
},
{
"date": "2021-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1751",
"ident": null
},
{
"date": "2021-03-05T20:15:12.457000",
"db": "NVD",
"id": "CVE-2021-27255",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-26T00:00:00",
"db": "ZDI",
"id": "ZDI-21-263",
"ident": null
},
{
"date": "2021-11-22T05:55:00",
"db": "JVNDB",
"id": "JVNDB-2021-004433",
"ident": null
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1751",
"ident": null
},
{
"date": "2024-11-21T05:57:41.983000",
"db": "NVD",
"id": "CVE-2021-27255",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1751"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0R7800\u00a0 Vulnerability regarding lack of authentication for important functions in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004433"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1751"
}
],
"trust": 0.6
}
}
VAR-202104-1039
Vulnerability from variot - Updated: 2024-11-23 22:33This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
},
{
"db": "NVD",
"id": "CVE-2021-27253"
}
]
},
"credits": {
"_id": null,
"data": "Ho\\xc3\\xa0ng Th\\xe1\\xba\\xa1ch Nguy\\xe1\\xbb\\x85n, Lucas Tay",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27253",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27253",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27253",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27253",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27253",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27253",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27253",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2021-27253",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-1071",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-27253",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
},
{
"db": "VULMON",
"id": "CVE-2021-27253"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1071"
},
{
"db": "NVD",
"id": "CVE-2021-27253"
},
{
"db": "NVD",
"id": "CVE-2021-27253"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27253"
},
{
"db": "ZDI",
"id": "ZDI-21-249"
},
{
"db": "VULMON",
"id": "CVE-2021-27253"
}
],
"trust": 1.62
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27253",
"trust": 2.4
},
{
"db": "ZDI",
"id": "ZDI-21-249",
"trust": 2.4
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12303",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1071",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-27253",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
},
{
"db": "VULMON",
"id": "CVE-2021-27253"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1071"
},
{
"db": "NVD",
"id": "CVE-2021-27253"
}
]
},
"id": "VAR-202104-1039",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.25201656722222227
},
"last_update_date": "2024-11-23T22:33:05.324000Z",
"patch": {
"_id": null,
"data": [
{
"title": "NETGEAR has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "Netgear NETGEAR Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=148415"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1071"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-122",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27253"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.8,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-249/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27253"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
},
{
"db": "VULMON",
"id": "CVE-2021-27253"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1071"
},
{
"db": "NVD",
"id": "CVE-2021-27253"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-249",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2021-27253",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202104-1071",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27253",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-249",
"ident": null
},
{
"date": "2021-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27253",
"ident": null
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-1071",
"ident": null
},
{
"date": "2021-04-14T16:15:13.797000",
"db": "NVD",
"id": "CVE-2021-27253",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-249",
"ident": null
},
{
"date": "2021-04-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-27253",
"ident": null
},
{
"date": "2021-04-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-1071",
"ident": null
},
{
"date": "2024-11-21T05:57:41.613000",
"db": "NVD",
"id": "CVE-2021-27253",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-1071"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "(Pwn2Own) NETGEAR Nighthawk R7800 Heap-based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-249"
}
],
"trust": 0.7
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-1071"
}
],
"trust": 0.6
}
}
VAR-202103-0945
Vulnerability from variot - Updated: 2024-11-23 22:20This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. Zero Day Initiative To this vulnerability ZDI-CAN-12287 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "rbk53",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "r9000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "ex6250",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "r7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.80"
},
{
"_id": null,
"model": "rbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "r8900",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.5.28"
},
{
"_id": null,
"model": "rbk20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6400",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "rbs50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk12",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbs40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "d7800",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.60"
},
{
"_id": null,
"model": "ex6420",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7300",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.2.158"
},
{
"_id": null,
"model": "ex6400v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "ex7320",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbr50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk13",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "rbk23",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "br200",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk44",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "xr500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "lbr20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.3.50"
},
{
"_id": null,
"model": "ex6150v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbs20",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6410",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "rbs50y",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk50",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "xr450",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.3.2.114"
},
{
"_id": null,
"model": "br500",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "5.10.0.5"
},
{
"_id": null,
"model": "rbk14",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex7300v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.134"
},
{
"_id": null,
"model": "xr700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.38"
},
{
"_id": null,
"model": "rbr40",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex6100v2",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.98"
},
{
"_id": null,
"model": "rbk43",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex7700",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.0.216"
},
{
"_id": null,
"model": "rbr10",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "rbk43s",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.6.2.104"
},
{
"_id": null,
"model": "ex8000",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "1.0.1.232"
},
{
"_id": null,
"model": "rbk15",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2.7.2.104"
},
{
"_id": null,
"model": "ex6150v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6100v2",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "d7800",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br200",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6250",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6420",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6410",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "ex6400",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "br500",
"scope": null,
"trust": 0.8,
"vendor": "\u30cd\u30c3\u30c8\u30ae\u30a2",
"version": null
},
{
"_id": null,
"model": "r7800",
"scope": null,
"trust": 0.7,
"vendor": "netgear",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "NVD",
"id": "CVE-2021-27254"
}
]
},
"credits": {
"_id": null,
"data": "84c0",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-252"
}
],
"trust": 0.7
},
"cve": "CVE-2021-27254",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CVE-2021-27254",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27254",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27254",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-27254",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2021-27254",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-27254",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-27254",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2021-27254",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2021-27254",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-1677",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1677"
},
{
"db": "NVD",
"id": "CVE-2021-27254"
},
{
"db": "NVD",
"id": "CVE-2021-27254"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287. Zero Day Initiative To this vulnerability ZDI-CAN-12287 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-27254"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "ZDI",
"id": "ZDI-21-252"
}
],
"trust": 2.25
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2021-27254",
"trust": 3.1
},
{
"db": "ZDI",
"id": "ZDI-21-252",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12287",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1677",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1677"
},
{
"db": "NVD",
"id": "CVE-2021-27254"
}
]
},
"id": "VAR-202103-0945",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2616114078947368
},
"last_update_date": "2024-11-23T22:20:50.647000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Security\u00a0Advisory\u00a0for\u00a0Multiple\u00a0Vulnerabilities\u00a0on\u00a0Some\u00a0Routers,\u00a0Satellites,\u00a0and\u00a0Extenders",
"trust": 1.5,
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"title": "NETGEAR Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142759"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1677"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
},
{
"problemtype": "CWE-259",
"trust": 1.0
},
{
"problemtype": "Use hard-coded passwords (CWE-259) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "NVD",
"id": "CVE-2021-27254"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.0,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-252/"
},
{
"trust": 2.3,
"url": "https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27254"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-252"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1677"
},
{
"db": "NVD",
"id": "CVE-2021-27254"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-21-252",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004434",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1677",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2021-27254",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2021-02-25T00:00:00",
"db": "ZDI",
"id": "ZDI-21-252",
"ident": null
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004434",
"ident": null
},
{
"date": "2021-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1677",
"ident": null
},
{
"date": "2021-03-05T20:15:12.317000",
"db": "NVD",
"id": "CVE-2021-27254",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2021-02-25T00:00:00",
"db": "ZDI",
"id": "ZDI-21-252",
"ident": null
},
{
"date": "2021-11-22T06:02:00",
"db": "JVNDB",
"id": "JVNDB-2021-004434",
"ident": null
},
{
"date": "2022-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1677",
"ident": null
},
{
"date": "2024-11-21T05:57:41.790000",
"db": "NVD",
"id": "CVE-2021-27254",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1677"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "NETGEAR\u00a0R7800\u00a0 Vulnerability in using hard-coded passwords in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004434"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1677"
}
],
"trust": 0.6
}
}