CVE-2021-45514

CWE-77Command Injection3 documents3 sources
Severity
8.8HIGH
EPSS
0.2%
top 52.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netgear Xr1000 Firmware
Timeline
PublishedDec 26
Latest updateDec 27

Description

NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages1 packages

NVDnetgear/xr1000_firmware< 1.0.0.58

🔴Vulnerability Details

2
GHSA
GHSA-m8p4-q4j4-5954: NETGEAR XR1000 devices before 12021-12-27
CVEList
CVE-2021-45514: NETGEAR XR1000 devices before 12021-12-26
CVE-2021-45514 (HIGH CVSS 8.8) | NETGEAR XR1000 devices before 1.0.0 | cvebase.io