CVE-2021-27254: Use of Hard-coded Password in Netgear Br200 Firmware

Severity
8.8 HIGH (NVD)
EPSS
0.1%
top 75.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Mar 5
Latest update: May 24

Description

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of a hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages: 44 packages

NVD: netgear/r7800_firmware < 1.0.2.80
CVEListV5: netgear/r7800 firmware version 1.0.2.76
NVD: netgear/br200_firmware < 5.10.0.5
NVD: netgear/br500_firmware < 5.10.0.5
NVD: netgear/d7800_firmware < 1.0.1.60

Patches

Vulnerability Details (2)

GHSA
GHSA-qxg5-9hcj-qp59: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800 (2022-05-24)
CVEList
CVE-2021-27254: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800 (2021-03-05)