Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-45611


Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R6400 before 1.0.1.68, RAX200 before 1.0.3.106, WNDR3400v3 before 1.0.1.38, XR300 before 1.0.3.68, R8500 before 1.0.2.144, RAX75 before 1.0.3.106, R8300 before 1.0.2.144, and RAX80 before 1.0.3.106.


Published

2021-12-26T01:15:18.223

Last Modified

2024-11-21T06:32:39.943

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.6 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-120

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System netgear dc112a_firmware < 1.0.0.52 Yes
Hardware netgear dc112a - No
Operating System netgear r6400_firmware < 1.0.1.68 Yes
Hardware netgear r6400 - No
Operating System netgear r8300_firmware < 1.0.2.144 Yes
Hardware netgear r8300 - No
Operating System netgear r8500_firmware < 1.0.2.144 Yes
Hardware netgear r8500 - No
Operating System netgear wndr3400v3_firmware < 1.0.1.38 Yes
Hardware netgear wndr3400v3 - No
Operating System netgear xr300_firmware < 1.0.3.68 Yes
Hardware netgear xr300 - No
Operating System netgear rax200_firmware < 1.0.3.106 Yes
Hardware netgear rax200 - No
Operating System netgear rax75_firmware < 1.0.3.106 Yes
Hardware netgear rax75 - No
Operating System netgear rax80_firmware < 1.0.3.106 Yes
Hardware netgear rax80 - No

References