Authentication Bypass Vulnerability in NETGEAR Routers and Extenders
CVE-2021-38514

2.4LOW

Key Information:

Vendor: Netgear
Status: D3600 Firmware
Vendor: CVE Published:; 11 August 2021

What is CVE-2021-38514?

Certain NETGEAR routers and extenders are susceptible to an authentication bypass vulnerability, allowing unauthorized access to its administrative functionalities. This may lead to potential exposure of sensitive information or manipulation of device settings by malicious actors. Users are strongly advised to update their devices to the latest firmware versions to mitigate this risk.

References

https://kb.netgear.com/000063757/Security-Advisory-for-Au...

x_refsource_MISC

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2021
Vulnerability Reserved
Aug 10, 2021

Netgear

What is CVE-2021-38514?

References

CVSS V3.1

Timeline