CVE-2021-45647 — MEDIUM (6.5)

Q: How severe is CVE-2021-45647?

CVE-2021-45647 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-45647?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Eax80 Firmware, Netgear Eax80, Netgear Ex7000 Firmware, Netgear Ex7000, Netgear R6120 Firmware.

Vulnerability Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Netgear	Eax80 Firmware	< 1.0.1.62
Netgear	Eax80	-
Netgear	Ex7000 Firmware	< 1.0.1.104
Netgear	Ex7000	-
Netgear	R6120 Firmware	< 1.0.0.76
Netgear	R6120	-
Netgear	R6220 Firmware	1.1.0.110
Netgear	R6220	-
Netgear	R6230 Firmware	< 1.1.0.110
Netgear	R6230	-
Netgear	R6260 Firmware	< 1.1.0.78
Netgear	R6260	-
Netgear	R6850 Firmware	< 1.1.0.78
Netgear	R6850	-
Netgear	R6350 Firmware	< 1.1.0.78
Netgear	R6350	-
Netgear	R6330 Firmware	< 1.1.0.78
Netgear	R6330	-
Netgear	R6800 Firmware	< 1.2.0.76
Netgear	R6800	-

Related Weaknesses (CWE)

CWE-200

References

https://kb.netgear.com/000064118/Security-Advisory-for-Sensitive-Information-DisPatchVendor Advisory
https://kb.netgear.com/000064118/Security-Advisory-for-Sensitive-Information-DisPatchVendor Advisory

FAQ

What is CVE-2021-45647?

CVE-2021-45647 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1....

How severe is CVE-2021-45647?

CVE-2021-45647 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-45647?

Check the references section above for vendor advisories and patch information. Affected products include: Netgear Eax80 Firmware, Netgear Eax80, Netgear Ex7000 Firmware, Netgear Ex7000, Netgear R6120 Firmware.