1. Home
  2. CVE Database
  3. CVE-2021-45602
MEDIUM · 6.1

CVE-2021-45602

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100,...

Vulnerability Description

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
NetgearD7800 Firmware< 1.0.1.66
NetgearD7800-
NetgearEx2700 Firmware< 1.0.1.68
NetgearEx2700-
NetgearWn3000Rpv2 Firmware< 1.0.0.90
NetgearWn3000Rpv2-
NetgearWn3000Rpv3 Firmware< 1.0.2.100
NetgearWn3000Rpv3-
NetgearLbr1020 Firmware< 2.6.5.20
NetgearLbr1020-
NetgearLbr20 Firmware< 2.6.5.32
NetgearLbr20-
NetgearR6700Ax Firmware< 1.0.10.110
NetgearR6700Ax-
NetgearR7800 Firmware< 1.0.2.86
NetgearR7800-
NetgearR8900 Firmware< 1.0.5.38
NetgearR8900-
NetgearR9000 Firmware< 1.0.5.38
NetgearR9000-

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2021-45602?

CVE-2021-45602 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100,...

How severe is CVE-2021-45602?

CVE-2021-45602 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45602?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear D7800 Firmware, Netgear D7800, Netgear Ex2700 Firmware, Netgear Ex2700, Netgear Wn3000Rpv2 Firmware.