CVE-2021-45645

3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.3%
top 49.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Netgear Rbs50y FirmwareNetgear Src60 FirmwareNetgear Srk60 Firmware+5 more
Timeline
PublishedDec 26
Latest updateDec 27

Description

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.7

Affected Packages8 packages

NVDnetgear/src60_firmware< 2.7.0.122
NVDnetgear/srk60_firmware< 2.7.0.122
NVDnetgear/srr60_firmware< 2.7.0.122
NVDnetgear/srs60_firmware< 2.7.0.122
NVDnetgear/sxk30_firmware< 3.2.33.108

Patches

Patch: kb.netgear.comPatch: kb.netgear.com

🔴Vulnerability Details

2
GHSA
GHSA-cjxv-8x48-8xvp: Certain NETGEAR devices are affected by incorrect configuration of security settings2021-12-27
CVEList
CVE-2021-45645: Certain NETGEAR devices are affected by incorrect configuration of security settings2021-12-26
CVE-2021-45645 (CRITICAL CVSS 9.8) | Certain NETGEAR devices are affecte | cvebase.io