CVE-2021-29067

CRITICAL

9.6

Description

Certain NETGEAR devices are affected by authentication bypass. This affects RBW30 before 2.6.2.2, RBS40V before 2.6.2.4, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.

CVE Details

CVSS v3.1 Score9.6

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack VectorADJACENT_NETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published3/23/2021

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

netgear:rbk752netgear:rbk752_firmwarenetgear:rbk753netgear:rbk753_firmwarenetgear:rbk753snetgear:rbk753s_firmwarenetgear:rbk754netgear:rbk754_firmwarenetgear:rbk852netgear:rbk852_firmwarenetgear:rbk853netgear:rbk853_firmwarenetgear:rbk854netgear:rbk854_firmwarenetgear:rbr750netgear:rbr750_firmwarenetgear:rbr850netgear:rbr850_firmwarenetgear:rbs40vnetgear:rbs40v_firmwarenetgear:rbs750netgear:rbs750_firmwarenetgear:rbs850netgear:rbs850_firmwarenetgear:rbw30netgear:rbw30_firmware

References

https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492(cve@mitre.org)

https://kb.netgear.com/000063017/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0492(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.