CVE-2021-45495Improper Authentication in Netgear D7000 Firmware

CWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICALNVD
CNA6.5
EPSS
0.3%
top 45.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netgear D7000 Firmware
Timeline
PublishedDec 26
Latest updateDec 27

Description

NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDnetgear/d7000_firmware< 1.0.1.68

Patches

Patch: kb.netgear.comPatch: kb.netgear.com

🔴Vulnerability Details

2
GHSA
GHSA-43w8-ggh3-p5rh: NETGEAR D7000 devices before 12021-12-27
CVEList
CVE-2021-45495: NETGEAR D7000 devices before 12021-12-26
CVE-2021-45495 — Improper Authentication in Netgear | cvebase