CVE-2021-45648

CWE-200Information Exposure3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 46.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
Netgear Ex6100v2 FirmwareNetgear Ex6150v2 FirmwareNetgear Ex6250 Firmware+15 more
Timeline
PublishedDec 26
Latest updateDec 27

Description

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 before 1.0.1.106, EX6150v2 before 1.0.1.106, EX6250 before 1.0.0.146, EX6400 before 1.0.2.164, EX6400v2 before 1.0.0.146, EX6410 before 1.0.0.146, EX6420 before 1.0.0.146, EX7300 before 1.0.2.164, EX7300v2 before 1.0.0.146, EX7320 before 1.0.0.146, EX7700 before 1.0.0.222, LBR1020 before 2.6.5.16, LBR20 before 2.6.5.2, RBK352 before 4.3.4.7, RBK50 before 2.7.3.22, RBR350 before 4.3.4.7, RBR50 befor

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages18 packages

NVDnetgear/ex6400v2_firmware< 1.0.0.146
NVDnetgear/ex7300v2_firmware< 1.0.0.146
NVDnetgear/lbr20_firmware< 2.6.5.2
NVDnetgear/rbk50_firmware< 2.7.3.22
NVDnetgear/rbr50_firmware< 2.7.3.22

Patches

Patch: kb.netgear.comPatch: kb.netgear.com

🔴Vulnerability Details

2
GHSA
GHSA-hhm5-85r6-q9w9: Certain NETGEAR devices are affected by disclosure of sensitive information2021-12-27
CVEList
CVE-2021-45648: Certain NETGEAR devices are affected by disclosure of sensitive information2021-12-26