CVE-2021-45511

Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000 before 2021-08-27, R6220 before 2021-08-27, R6230 before 2021-08-27, R6260 before 2021-08-27, R6330 before 2021-08-27, R6350 before 2021-08-27, R6700v2 before 2021-08-27, R6800 before 2021-08-27, R6850 before 2021-08-27, R6900v2 before 2021-08-27, R7200 before 2021-08-27, R7350 before 2021-08-27, R7400 before 2021-08-27, and R7450 before 2021-08-27.

Published: Dec 26, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-45511
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
netgear / ac2100_firmware	-	1.2.0.88
netgear / ac2400_firmware	-	1.2.0.88
netgear / ac2600_firmware	-	1.2.0.88
netgear / d7000_firmware	-	1.0.1.80
netgear / r6220_firmware	-	1.1.0.110
netgear / r6230_firmware	-	1.1.0.110
netgear / r6260_firmware	-	1.1.0.84
netgear / r6330_firmware	-	1.1.0.84
netgear / r6350_firmware	-	1.1.0.84
netgear / r6700v2_firmware	-	1.2.0.88
netgear / r6800_firmware	-	1.2.0.88
netgear / r6850_firmware	-	1.1.0.84
netgear / r6900v2_firmware	-	1.2.0.88
netgear / r7200_firmware	-	1.2.0.88
netgear / r7350_firmware	-	1.2.0.88
netgear / r7400_firmware	-	1.2.0.88
netgear / r7450_firmware	-	1.2.0.88

https://kb.netgear.com/000063961/Security-Advisory-for-Authentication-Bypass-Vulnerability-on-the-D7000-and-Some-Routers-PSV-2021-0133

Vulnerability Database

289,697

CVE-2021-45511