CVE-2021-45594 — HIGH (8.4)

Q: How severe is CVE-2021-45594?

CVE-2021-45594 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-45594?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Rbr20 Firmware, Netgear Rbr20, Netgear Rbr40 Firmware, Netgear Rbr40, Netgear Rbr50 Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS50Y before 2.7.3.22, RBR20 before 2.7.3.22, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, RBS20 before 2.7.3.22, RBS40 before 2.7.3.22, RBS50 before 2.7.3.22, RBK20 before 2.7.3.22, RBK40 before 2.7.3.22, and RBK50 before 2.7.3.22.

CVSS Score

8.4

HIGH

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Netgear	Rbr20 Firmware	< 2.7.3.22
Netgear	Rbr20	-
Netgear	Rbr40 Firmware	< 2.7.3.22
Netgear	Rbr40	-
Netgear	Rbr50 Firmware	< 2.7.3.22
Netgear	Rbr50	-
Netgear	Rbs20 Firmware	< 2.7.3.22
Netgear	Rbs20	-
Netgear	Rbs40 Firmware	< 2.7.3.22
Netgear	Rbs40	-
Netgear	Rbs50 Firmware	< 2.7.3.22
Netgear	Rbs50	-
Netgear	Rbk20 Firmware	< 2.7.3.22
Netgear	Rbk20	-
Netgear	Rbk40 Firmware	< 2.7.3.22
Netgear	Rbk40	-
Netgear	Rbk50 Firmware	< 2.7.3.22
Netgear	Rbk50	-
Netgear	Rbs50Y Firmware	< 2.7.3.22
Netgear	Rbs50Y	-

Related Weaknesses (CWE)

CWE-77

References

https://kb.netgear.com/000064475/Security-Advisory-for-Post-Authentication-CommaVendor Advisory
https://kb.netgear.com/000064475/Security-Advisory-for-Post-Authentication-CommaVendor Advisory

FAQ

What is CVE-2021-45594?

CVE-2021-45594 is a vulnerability with a CVSS score of 8.4 (HIGH). Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBS50Y before 2.7.3.22, RBR20 before 2.7.3.22, RBR40 before 2.7.3.22, RBR50 before 2.7.3.22, RBS20 befo...

How severe is CVE-2021-45594?

CVE-2021-45594 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45594?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Rbr20 Firmware, Netgear Rbr20, Netgear Rbr40 Firmware, Netgear Rbr40, Netgear Rbr50 Firmware.