Vulnerability Name:
CCN-230121
Published:
2022-06-29
Updated:
2022-06-29
Summary:
An unspecified error in NETGEAR devices could allow a remote attacker to execute commands on the system.
CVSS v3 Severity:
9.6 Critical
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
)
8.3 High
(CCN Temporal CVSS v3.1 Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
)
Exploitability Metrics:
Attack Vector (AV):
Adjacent
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
8.3 High
(CCN CVSS v2 Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Adjacent_Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Consequences:
Gain Access
References:
Source: XF
Type: UNKNOWN
netgear-psv20200502-cmd-exec(230121)
Source: CCN
Type: NETGEAR Security Advisory: PSV-2020-0502
Security Advisory for Pre-Authentication Command Injection on Some Routers and WiFi Systems
Vulnerable Configuration:
Configuration CCN 1
:
cpe:/h:netgear:r9000:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:r7800:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax120:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:xr500:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbr750:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbk852:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbr850:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbs850:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:mk62:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ms60:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex7700:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbk752:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:d7000:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:r8900:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:xr450:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:xr700:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax40:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex6250:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex6410:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex6420:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex6400:v2:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex7320:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex7300:v2:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax20:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax45:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax50:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:mr60:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex8000:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:ex6150:v2:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax35:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax38:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax120v2:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax70:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax78:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:r6700ax:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:cbr750:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax43:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax40:v2:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax35:v2:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbk352:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbr350:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rbs350:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:lbr1020:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:lbr20:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:rax15:-:*:*:*:*:*:*:*
OR
cpe:/h:netgear:cax80:-:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
netgear
r9000 -
netgear
r7800 -
netgear
rax120 -
netgear
xr500 -
netgear
rbr750 -
netgear
rbk852 -
netgear
rbr850 -
netgear
rbs850 -
netgear
mk62 -
netgear
ms60 -
netgear
ex7700 -
netgear
rbk752 -
netgear
d7000 -
netgear
r8900 -
netgear
xr450 -
netgear
xr700 -
netgear
rax40 -
netgear
ex6250 -
netgear
ex6410 -
netgear
ex6420 -
netgear
ex6400 v2
netgear
ex7320 -
netgear
ex7300 v2
netgear
rax20 -
netgear
rax45 -
netgear
rax50 -
netgear
mr60 -
netgear
ex8000 -
netgear
ex6150 v2
netgear
rax35 -
netgear
rax38 -
netgear
rax120v2 -
netgear
rax70 -
netgear
rax78 -
netgear
r6700ax -
netgear
cbr750 -
netgear
rax43 -
netgear
rax40 v2
netgear
rax35 v2
netgear
rbk352 -
netgear
rbr350 -
netgear
rbs350 -
netgear
lbr1020 -
netgear
lbr20 -
netgear
rax15 -
netgear
cax80 -
Denotes that component is vulnerable