Command Injection Vulnerability in NETGEAR WiFi Systems
CVE-2021-45565

8.4HIGH

Key Information:

Vendor
Netgear
Status
Rbk752 Firmware
Vendor
CVE Published:
26 December 2021

Summary

Certain NETGEAR WiFi systems are vulnerable to command injection attacks when accessed by an authenticated user. Devices such as the RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, all prior to firmware version 3.2.16.6, can be compromised if the authentication is bypassed, allowing attackers to execute arbitrary commands. This vulnerability raises significant security concerns, potentially leading to unauthorized access and control over affected networks.

References

https://kb.netgear.com/000064086/Security-Advisory-for-Po...
x_refsource_MISC

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.