CVE-2021-45645

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122.

Published: Dec 26, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-45645
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
netgear / rbs50y_firmware	-	2.7.0.122
netgear / srk60_firmware	-	2.7.0.122
netgear / srr60_firmware	-	2.7.0.122
netgear / srs60_firmware	-	2.7.0.122
netgear / sxk30_firmware	-	3.2.33.108
netgear / sxr30_firmware	-	3.2.33.108
netgear / sxs30_firmware	-	3.2.33.108
netgear / src60_firmware	-	2.7.0.122

https://kb.netgear.com/000064530/Security-Advisory-for-Security-Misconfiguration-on-Some-WiFi-Systems-PSV-2021-0127

Vulnerability Database

289,697

CVE-2021-45645