CVE-2021-32122

CWE-352Cross-Site Request Forgery (CSRF)3 documents3 sources
Severity
8.0HIGH
EPSS
0.2%
top 61.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Netgear Ex3700 FirmwareNetgear Ex3800 FirmwareNetgear Ex6120 Firmware+1 more
Timeline
PublishedAug 11
Latest updateMay 24

Description

Certain NETGEAR devices are affected by CSRF. This affects EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, and EX6130 before 1.0.0.44.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

NVDnetgear/ex3700_firmware< 1.0.0.90
NVDnetgear/ex3800_firmware< 1.0.0.90
NVDnetgear/ex6120_firmware< 1.0.0.64
NVDnetgear/ex6130_firmware< 1.0.0.44

🔴Vulnerability Details

2
GHSA
GHSA-37f4-hx4j-c54c: Certain NETGEAR devices are affected by CSRF2022-05-24
CVEList
CVE-2021-32122: Certain NETGEAR devices are affected by CSRF2021-08-10
CVE-2021-32122 (HIGH CVSS 8) | Certain NETGEAR devices are affecte | cvebase.io