CVE-2021-45556

Published: Dic 26, 2021 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2021-32322 Aliases: GSD-2021-45556
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,5
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: high
Privileges Required: high
User Interaction: none
Scope: changed
Confidentiality: low
Integrity: high
Availability: high
MEDIUM 6,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: single
Confidentiality: partial
Integrity: partial
Availability: partial

Description

AI Translation Available

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects GS108Tv2 before 5.4.2.36, GS110TPP before 7.0.7.2, GS110TPv2 before 5.4.2.36., GS110TPv3 before 7.0.7.2, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0079
Percentile
0,7th
Updated

EPSS Score Trend (Last 90 Days)

77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies: AI/ML
Likelihood of Exploit: High
View CWE Details
Operating System

Gs752Tpp Firmware by Netgear

Product Information
Vendor Netgear
Product Gs752Tpp Firmware
Version Range Affected
To 6.0.8.2 (exclusive)
cpe:2.3:o:netgear:gs752tpp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs728Tppv2 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs728Tppv2 Firmware
Version Range Affected
To 6.0.8.2 (exclusive)
cpe:2.3:o:netgear:gs728tppv2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs724Tpv2 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs724Tpv2 Firmware
Version Range Affected
To 2.0.6.3 (exclusive)
cpe:2.3:o:netgear:gs724tpv2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs110Tpv2 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs110Tpv2 Firmware
Version Range Affected
To 5.4.2.36 (exclusive)
cpe:2.3:o:netgear:gs110tpv2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs728Tpv2 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs728Tpv2 Firmware
Version Range Affected
To 6.0.8.2 (exclusive)
cpe:2.3:o:netgear:gs728tpv2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs724Tpp Firmware by Netgear

Product Information
Vendor Netgear
Product Gs724Tpp Firmware
Version Range Affected
To 2.0.6.3 (exclusive)
cpe:2.3:o:netgear:gs724tpp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs310Tp Firmware by Netgear

Product Information
Vendor Netgear
Product Gs310Tp Firmware
Version Range Affected
To 1.0.3.2 (exclusive)
cpe:2.3:o:netgear:gs310tp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs110Tpv3 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs110Tpv3 Firmware
Version Range Affected
To 7.0.7.2 (exclusive)
cpe:2.3:o:netgear:gs110tpv3_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ms510Txm Firmware by Netgear

Product Information
Vendor Netgear
Product Ms510Txm Firmware
Version Range Affected
To 1.0.4.2 (exclusive)
cpe:2.3:o:netgear:ms510txm_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs110Tpp Firmware by Netgear

Product Information
Vendor Netgear
Product Gs110Tpp Firmware
Version Range Affected
To 7.0.7.2 (exclusive)
cpe:2.3:o:netgear:gs110tpp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs752Tpv2 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs752Tpv2 Firmware
Version Range Affected
To 6.0.8.2 (exclusive)
cpe:2.3:o:netgear:gs752tpv2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ms510Txup Firmware by Netgear

Product Information
Vendor Netgear
Product Ms510Txup Firmware
Version Range Affected
To 1.0.4.2 (exclusive)
cpe:2.3:o:netgear:ms510txup_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs108Tv2 Firmware by Netgear

Product Information
Vendor Netgear
Product Gs108Tv2 Firmware
Version Range Affected
To 5.4.2.36 (exclusive)
cpe:2.3:o:netgear:gs108tv2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Gs308T Firmware by Netgear

Product Information
Vendor Netgear
Product Gs308T Firmware
Version Range Affected
To 1.0.3.2 (exclusive)
cpe:2.3:o:netgear:gs308t_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://kb.netgear.com/000064534/Security-Advisory-for-Post…
Patch Vendor Advisory
https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Comm…
https://kb.netgear.com/000064534/Security-Advisory-for-Post…
Patch Vendor Advisory
https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Comm…