CVE-2021-45511
published 2021-12-26CVE-2021-45511: Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOIT
Exploited in the wild
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000 before 2021-08-27, R6220 before 2021-08-27, R6230 before 2021-08-27, R6260 before 2021-08-27, R6330 before 2021-08-27, R6350 before 2021-08-27, R6700v2 before 2021-08-27, R6800 before 2021-08-27, R6850 before 2021-08-27, R6900v2 before 2021-08-27, R7200 before 2021-08-27, R7350 before 2021-08-27, R7400 before 2021-08-27, and R7450 before 2021-08-27.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netgear | ac2100_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | ac2400_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | ac2600_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | d7000_firmware | < 1.0.1.80 | 1.0.1.80 |
| netgear | r6220_firmware | < 1.1.0.110 | 1.1.0.110 |
| netgear | r6230_firmware | < 1.1.0.110 | 1.1.0.110 |
| netgear | r6260_firmware | < 1.1.0.84 | 1.1.0.84 |
| netgear | r6330_firmware | < 1.1.0.84 | 1.1.0.84 |
| netgear | r6350_firmware | < 1.1.0.84 | 1.1.0.84 |
| netgear | r6700v2_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | r6800_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | r6850_firmware | < 1.1.0.84 | 1.1.0.84 |
| netgear | r6900v2_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | r7200_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | r7350_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | r7400_firmware | < 1.2.0.88 | 1.2.0.88 |
| netgear | r7450_firmware | < 1.2.0.88 | 1.2.0.88 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck6.8MEDIUM