CVE-2021-45623

CVSS 8.3 HIGHEPSS 1.7%

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R7800 before 1.0.2.74, R9000 before 1.0.5.2, and XR500 before 2.3.2.66.

CVSS:3.1/AC:L/AV:A/A:L/C:H/I:H/PR:N/S:U/UI:N

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kb.netgear.com/000064449/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-PSV-2019-0203