Netgear Products Remote Code Execution Vulnerability

Release Date: 12 Nov 2021 4628 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability was identified in Netgear Products. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

Impact

  • Remote Code Execution

System / Technologies affected

  • EX3700 running firmware versions prior to 1.0.0.94
  • EX3800 running firmware versions prior to 1.0.0.94
  • EX6120 running firmware versions prior to 1.0.0.66
  • EX6130 running firmware versions prior to 1.0.0.66
  • R6400 running firmware versions prior to 1.0.1.76
  • R6400v2 running firmware versions prior to 1.0.4.120
  • R6700v3 running firmware versions prior to 1.0.4.120
  • R6900P running firmware versions prior to 1.3.3.142_HOTFIX
  • R7000 running firmware versions prior to 1.0.11.128
  • R7000P running firmware versions prior to 1.3.3.142_HOTFIX
  • R7100LG running firmware versions prior to 1.0.0.72
  • R7850 running firmware versions prior to 1.0.5.76
  • R7900P running firmware versions prior to 1.4.2.84
  • R7960P running firmware versions prior to 1.4.2.84
  • R8000 running firmware versions prior to 1.0.4.76
  • R8000P running firmware versions prior to 1.4.2.84
  • R8300 running firmware versions prior to 1.0.2.156
  • R8500 running firmware versions prior to 1.0.2.156
  • RAX15 running firmware versions prior to 1.0.4.100
  • RAX20 running firmware versions prior to 1.0.4.100
  • RAX200 running firmware versions prior to 1.0.5.132
  • RAX35v2 running firmware versions prior to 1.0.4.100
  • RAX38v2 running firmware versions prior to 1.0.4.100
  • RAX40v2 running firmware versions prior to 1.0.4.100
  • RAX42 running firmware versions prior to 1.0.4.100
  • RAX43 running firmware versions prior to 1.0.4.100
  • RAX45 running firmware versions prior to 1.0.4.100
  • RAX48 running firmware versions prior to 1.0.4.100
  • RAX50 running firmware versions prior to 1.0.4.100
  • RAX50S running firmware versions prior to 1.0.4.100
  • RAX75 running firmware versions prior to 1.0.5.132
  • RAX80 running firmware versions prior to 1.0.5.132
  • RAXE450 running firmware versions prior to 1.0.8.70
  • RAXE500 running firmware versions prior to 1.0.8.70
  • RS400 running firmware versions prior to 1.5.1.80
  • WNDR3400v3 running firmware versions prior to 1.0.1.42
  • WNR3500Lv2 running firmware versions prior to 1.2.0.70
  • XR300 running firmware versions prior to 1.0.3.68
  • D6220 running firmware versions prior to 1.0.0.76
  • D6400 running firmware versions prior to 1.0.0.108
  • D7000v2 running firmware versions prior to 1.0.0.76
  • DGN2200v4 running firmware versions prior to 1.0.0.126
  • DC112A running firmware versions prior to 1.0.0.62
  • CAX80 running firmware versions prior to 2.1.3.5

Solutions

Before installation of the software, please visit the vendor's web-site for more details.

 

  • Apply fixes issued by the vendor:
  • Upgrade EX3700 firmware to version 1.0.0.94
  • Upgrade EX3800 firmware to version 1.0.0.94
  • Upgrade EX6120 firmware to version 1.0.0.66
  • Upgrade EX6130 firmware to version 1.0.0.66
  • Upgrade R6400 firmware to version 1.0.1.76
  • Upgrade R6400v2 firmware to version 1.0.4.120
  • Upgrade R6700v3 firmware to version 1.0.4.120
  • Upgrade R6900P firmware to version 1.3.3.142_HOTFIX
  • Upgrade R7000 firmware to version 1.0.11.128
  • Upgrade R7000P firmware to version 1.3.3.142_HOTFIX
  • Upgrade R7100LG firmware to version 1.0.0.72
  • Upgrade R7850 firmware to version 1.0.5.76
  • Upgrade R7900P firmware to version 1.4.2.84
  • Upgrade R7960P firmware to version 1.4.2.84
  • Upgrade R8000 firmware to version 1.0.4.76
  • Upgrade R8000P firmware to version 1.4.2.84
  • Upgrade R8300 firmware to version 1.0.2.156
  • Upgrade R8500 firmware to version 1.0.2.156
  • Upgrade RAX15 firmware to version 1.0.4.100
  • Upgrade RAX20 firmware to version 1.0.4.100
  • Upgrade RAX200 firmware to version 1.0.5.132
  • Upgrade RAX35v2 firmware to version 1.0.4.100
  • Upgrade RAX38v2 firmware to version 1.0.4.100
  • Upgrade RAX40v2 firmware to version 1.0.4.100
  • Upgrade RAX42 firmware to version 1.0.4.100
  • Upgrade RAX43 firmware to version 1.0.4.100
  • Upgrade RAX45 firmware to version 1.0.4.100
  • Upgrade RAX48 firmware to version 1.0.4.100
  • Upgrade RAX50 firmware to version 1.0.4.100
  • Upgrade RAX50S firmware to version 1.0.4.100
  • Upgrade RAX75 firmware to version 1.0.5.132
  • Upgrade RAX80 firmware to version 1.0.5.132
  • Upgrade RAXE450 firmware to version 1.0.8.70
  • Upgrade RAXE500 firmware to version 1.0.8.70
  • Upgrade RS400 firmware to version 1.5.1.80
  • Upgrade WNDR3400v3 firmware to version 1.0.1.42
  • Upgrade WNR3500Lv2 firmware to version 1.2.0.70
  • Upgrade XR300 firmware to version 1.0.3.68
  • Upgrade D6220 firmware to version 1.0.0.76
  • Upgrade D6400 firmware to version 1.0.0.108
  • Upgrade D7000v2 firmware to version 1.0.0.76
  • Upgrade DGN2200v4 firmware to version 1.0.0.126
  • Upgrade DC112A firmware to version 1.0.0.62
  • Upgrade CAX80 firmware to version 2.1.3.5
  • https://kb.netgear.com/000064361/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0168#

Vulnerability Identifier

CVE-2021-34991

Source

Related Link

Related Tags

NetgearRemote Code Execution

Share with

Previous

PostgreSQL Multiple Vulnerabilities

12 Nov 2021 6704 Views

Next

Apple iCloud Multiple Vulnerabilities

12 Nov 2021 5208 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY