CVE-2021-34865

CWE-287Improper AuthenticationCWE-6973 documents3 sources
Severity
8.8HIGH
EPSS
1.1%
top 21.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
Netgear Ac2100 FirmwareNetgear Ac2400 FirmwareNetgear Ac2600 Firmware+15 more
Timeline
PublishedJan 25
Latest updateJan 26

Description

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages18 packages

CVEListV5netgear/multiple_routers1.2.0.76_1.0.1
NVDnetgear/r6220_firmware< 1.1.0.110
NVDnetgear/r6230_firmware< 1.1.0.110
NVDnetgear/r6260_firmware< 1.1.0.84
NVDnetgear/r6330_firmware< 1.1.0.84

🔴Vulnerability Details

2
GHSA
GHSA-5wc2-pfcw-568j: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers2022-01-26
CVEList
CVE-2021-34865: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers2022-01-25
CVE-2021-34865 (HIGH CVSS 8.8) | This vulnerability allows network-a | cvebase.io