CVE-2021-45647Sensitive Information Exposure in Netgear Ac2100 Firmware

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
7.5HIGHNVD
CNA6.5
EPSS
0.3%
top 49.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
34
Netgear Ac2100 FirmwareNetgear Ac2400 FirmwareNetgear Ac2600 Firmware+31 more
Timeline
PublishedDec 26
Latest updateDec 27

Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages34 packages

NVDnetgear/r7000p_firmware< 1.3.3.140
NVDnetgear/r7900p_firmware< 1.4.1.66
NVDnetgear/r8000p_firmware< 1.4.1.66
NVDnetgear/rax200_firmware< 1.0.3.106
NVDnetgear/eax80_firmware< 1.0.1.62

Patches

Patch: kb.netgear.comPatch: kb.netgear.com

🔴Vulnerability Details

2
GHSA
GHSA-wgj8-hg3j-j44v: Certain NETGEAR devices are affected by disclosure of sensitive information2021-12-27
CVEList
CVE-2021-45647: Certain NETGEAR devices are affected by disclosure of sensitive information2021-12-26
CVE-2021-45647 — Sensitive Information Exposure | cvebase