Cross-Site Request Forgery Vulnerability in NETGEAR Wireless Extenders
CVE-2021-32122

9.8CRITICAL

Key Information:

Vendor: Netgear
Status: Ex3700 Firmware
Vendor: CVE Published:; 11 August 2021

Summary

Certain NETGEAR Wireless Extenders are susceptible to a Cross-Site Request Forgery attack, which could allow unauthorized users to execute commands or access sensitive information without the knowledge of the legitimate user. Affected models include the EX3700, EX3800, EX6120, and EX6130, each requiring updates to specific versions to mitigate the vulnerability. For more details, refer to the official NETGEAR security advisory.

References

https://kb.netgear.com/000063883/Security-Advisory-for-Cr...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 11, 2021
Vulnerability Reserved
May 7, 2021