Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-38531

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, and AC2400 before 1.2.0.76.

Published

2021-08-11T00:17:07.800

Last Modified

2024-11-21T06:17:21.393

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.7 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.0

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	netgear	d6200_firmware	< 1.1.00.40	Yes
Hardware	netgear	d6200	-	No
Operating System	netgear	d7000_firmware	< 1.0.1.78	Yes
Hardware	netgear	d7000	-	No
Operating System	netgear	r6020_firmware	< 1.0.0.42	Yes
Hardware	netgear	r6020	-	No
Operating System	netgear	r6080_firmware	< 1.0.0.42	Yes
Hardware	netgear	r6080	-	No
Operating System	netgear	r6120_firmware	< 1.0.0.66	Yes
Hardware	netgear	r6120	-	No
Operating System	netgear	r6260_firmware	< 1.1.0.78	Yes
Hardware	netgear	r6260	-	No
Operating System	netgear	r6700_firmware	< 1.2.0.76	Yes
Hardware	netgear	r6700	v2	No
Operating System	netgear	r6800_firmware	< 1.2.0.76	Yes
Hardware	netgear	r6800	-	No
Operating System	netgear	r6900_firmware	< 1.2.0.76	Yes
Hardware	netgear	r6900	v2	No
Operating System	netgear	r7450_firmware	< 1.2.0.76	Yes
Hardware	netgear	r7450	-	No
Operating System	netgear	ac2100_firmware	< 1.2.0.76	Yes
Hardware	netgear	ac2100	-	No
Operating System	netgear	ac2400_firmware	< 1.2.0.76	Yes
Hardware	netgear	ac2400	-	No

References

https://kb.netgear.com/000063769/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2019-0113 Vendor Advisory ([email protected])
https://kb.netgear.com/000063769/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-and-Gateways-PSV-2019-0113 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)