CVE-2021-45602

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:wn3000rpv3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:wn3000rpv3:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:r6700ax_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netgear:rax120v1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rax120v1:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netgear:rax120v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rax120v2:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*

Information

Published : 2021-12-25 17:15

Updated : 2022-07-12 10:42


NVD link : CVE-2021-45602

Mitre link : CVE-2021-45602


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

netgear

  • rax70
  • wn3000rpv2
  • r7800
  • r9000_firmware
  • lbr20
  • xr700_firmware
  • ex2700
  • r8900
  • lbr1020_firmware
  • rax120v1
  • rax120v2_firmware
  • wn3000rpv2_firmware
  • wn3000rpv3_firmware
  • d7800_firmware
  • r7800_firmware
  • xr500_firmware
  • d7800
  • wn3000rpv3
  • rax120v1_firmware
  • ex2700_firmware
  • r8900_firmware
  • xr700
  • rax10_firmware
  • rax10
  • rax70_firmware
  • rax78_firmware
  • xr450_firmware
  • lbr20_firmware
  • r6700ax
  • xr500
  • r9000
  • xr450
  • rax78
  • rax120v2
  • r6700ax_firmware
  • lbr1020