1. Home
  2. CVE Database
  3. CVE-2021-45548
MEDIUM · 6.3

CVE-2021-45548

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v...

Vulnerability Description

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6410 before 1.0.0.128, EX6420 before 1.0.0.128, EX7300 before 1.0.2.144, EX7300v2 before 1.0.0.128, EX7320 before 1.0.0.128, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.5.26, R9000 before 1.0.5.2, RAX120 before 1.0.1.128, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.80, WNR2000v5 before 1.0.0.74, XR500 before 2.3.2.66, RBK20 before 2.7.3.22, RBR20 before 2.7.3.22, RBS20 before 2.7.3.22, RBK40 before 2.7.3.22, RBR40 before 2.7.3.22, and RBS40 before 2.7.3.22.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
NetgearD7800 Firmware< 1.0.1.60
NetgearD7800-
NetgearDm200 Firmware< 1.0.0.66
NetgearDm200-
NetgearEx2700 Firmware< 1.0.1.56
NetgearEx2700-
NetgearEx6150V2 Firmware< 1.0.1.86
NetgearEx6150V2-
NetgearEx6200V2 Firmware< 1.0.1.86
NetgearEx6200V2-
NetgearEx6250 Firmware< 1.0.0.128
NetgearEx6250-
NetgearEx6400 Firmware< 1.0.2.144
NetgearEx6400-
NetgearEx6400V2 Firmware< 1.0.0.128
NetgearEx6400V2-
NetgearEx6410 Firmware< 1.0.0.128
NetgearEx6410-
NetgearEx6420 Firmware< 1.0.0.128
NetgearEx6420-

Related Weaknesses (CWE)

CWE-77

References

FAQ

What is CVE-2021-45548?

CVE-2021-45548 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v...

How severe is CVE-2021-45548?

CVE-2021-45548 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45548?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear D7800 Firmware, Netgear D7800, Netgear Dm200 Firmware, Netgear Dm200, Netgear Ex2700 Firmware.