CVE-2021-32122

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2021-32122
Certain NETGEAR devices are affected by CSRF. This affects EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, and EX6130 before 1.0.0.44.

8.0 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

5.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 5.5 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://kb.netgear.com/000063883/Security-Advisory-for-Cross-Site-Request-Forgery-on-Some-Extenders-PSV-2021-0102 Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:ex3700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex3700:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:ex3800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex3800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*
Information

Published : 2021-08-10 17:15

Updated : 2021-08-19 10:02

NVD link : CVE-2021-32122

Mitre link : CVE-2021-32122

JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa
Products Affected

netgear

  • ex3700
  • ex6130
  • ex6120
  • ex3800
  • ex3700_firmware
  • ex6130_firmware
  • ex6120_firmware
  • ex3800_firmware