CVE-2021-29082

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2021-29082
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBW30 before 2.6.1.4, RBS40V before 2.6.1.4, RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBK754 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBK854 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.3

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

3.3 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
https://kb.netgear.com/000063005/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-WiFi-Systems-PSV-2020-0037 Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:rbw30_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbw30:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:rbs40v_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs40v:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk752:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:rbk753_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk753:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:rbk753s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk753s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:rbk754_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk754:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr750:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs750:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk852:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netgear:rbk853_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk853:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netgear:rbk854_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk854:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr850:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs850:-:*:*:*:*:*:*:*
Information

Published : 2021-03-23 00:15

Updated : 2021-03-24 12:31

NVD link : CVE-2021-29082

Mitre link : CVE-2021-29082

JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa
Products Affected

netgear

  • rbw30_firmware
  • rbk854
  • rbk754
  • rbw30
  • rbk752_firmware
  • rbs40v
  • rbs750_firmware
  • rbk753
  • rbk852_firmware
  • rbr850
  • rbr850_firmware
  • rbk753s_firmware
  • rbk853
  • rbk753_firmware
  • rbk752
  • rbk853_firmware
  • rbr750_firmware
  • rbk754_firmware
  • rbs40v_firmware
  • rbs750
  • rbk852
  • rbk753s
  • rbr750
  • rbk854_firmware
  • rbs850
  • rbs850_firmware