CVE-2021-45530

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7000 before 1.0.11.126, R7960P before 1.4.2.84, R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, RAX20 before 1.0.2.82, RAX45 before 1.0.2.82, RAX80 before 1.0.4.120, R7900P before 1.4.2.84, RAX15 before 1.0.2.82, RAX50 before 1.0.2.82, and RAX75 before 1.0.4.120.

Published: Dec 26, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-45530
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
netgear / r7000_firmware	-	1.0.11.126
netgear / r7000p_firmware	-	1.4.2.84
netgear / r7960p_firmware	-	1.4.2.84
netgear / r8000_firmware	-	1.0.4.74
netgear / r8000p_firmware	-	1.4.2.84
netgear / rax20_firmware	-	1.0.2.82
netgear / rax200_firmware	-	1.0.4.120
netgear / rax45_firmware	-	1.0.2.82
netgear / rax15_firmware	-	1.0.2.82
netgear / rax75_firmware	-	1.0.4.120
netgear / rax80_firmware	-	1.0.4.120
netgear / rax50_firmware	-	1.0.2.82

https://kb.netgear.com/000064486/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0320

Vulnerability Database

289,697

CVE-2021-45530