Vulnerability CVE-2021-45605 - CERT Civis.Net

Vulnerability Name:

CVE-2021-45605 (CCN-210173)

Assigned:

2021-09-25

Published:

2021-09-25

Updated:

2022-01-05

Summary:

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.68, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900 before 1.0.4.38, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, and XR300 before 1.0.3.50.

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

6.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2021-45605

Source: XF
Type: UNKNOWN
netgear-psv20190214-dos(210173)

Source: MISC
Type: Patch, Vendor Advisory
https://kb.netgear.com/000064072/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2019-0214

Source: CCN
Type: NETGEAR Security Advisory: PSV-2019-0214
Security Advisory for Post-Authentication Stack Overflow on Some Routers

Vulnerable Configuration:

Configuration 1:

cpe:/o:netgear:r6400_firmware:*:*:*:*:*:*:*:* (Version < 1.0.1.68)

AND

cpe:/h:netgear:r6400:-:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:netgear:r7000_firmware:*:*:*:*:*:*:*:* (Version < 1.0.11.116)

AND

cpe:/h:netgear:r7000:-:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:netgear:r6900p_firmware:*:*:*:*:*:*:*:* (Version < 1.3.3.140)

AND

cpe:/h:netgear:r6900p:-:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:netgear:r7000p_firmware:*:*:*:*:*:*:*:* (Version < 1.3.3.140)

AND

cpe:/h:netgear:r7000p:-:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:netgear:r7900_firmware:*:*:*:*:*:*:*:* (Version < 1.0.4.38)

AND

cpe:/h:netgear:r7900:-:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:netgear:rax75_firmware:*:*:*:*:*:*:*:* (Version < 1.0.3.102)

AND

cpe:/h:netgear:rax75:-:*:*:*:*:*:*:*

Configuration 7:

cpe:/o:netgear:rax80_firmware:*:*:*:*:*:*:*:* (Version < 1.0.3.102)

AND

cpe:/h:netgear:rax80:-:*:*:*:*:*:*:*

Configuration 8:

cpe:/o:netgear:xr300_firmware:*:*:*:*:*:*:*:* (Version < 1.0.3.50)

AND

cpe:/h:netgear:xr300:-:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:netgear:r7900_firmware:1.0.3:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000_firmware:1.0.9:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000p_firmware:1.3.0:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6900p_firmware:1.3.0:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6400_firmware:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6900p_firmware:1.3.1:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000p_firmware:1.3.1:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7900_firmware:1.0.2:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6900p_firmware:1.0.0:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000p_firmware:1.0.0:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7900_firmware:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7900p_firmware:1.3.0:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000_firmware:1.0.7:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6400_firmware:1.0.1:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6900p_firmware:1.0.1.16:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000p_firmware:1.0.1.16:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6900p_firmware:1.2.0.22:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000p_firmware:1.2.0.22:*:*:*:*:*:*:*

OR cpe:/o:netgear:r6900p_firmware:1.0.0.55:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000_firmware:1.0.9.6_1.2.19:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7000_firmware:1.0.11.100_10.2.10:*:*:*:*:*:*:*

OR cpe:/o:netgear:r7900_firmware:1.0.4.30:*:*:*:*:*:*:*

Denotes that component is vulnerable