← back
CVE-2021-45632

CVE-2021-45632

CVSS 9.6 CRITICALEPSS 0.8%
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.6EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
26 Dec 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
CVSS:3.1/AC:L/AV:A/A:H/C:H/I:H/PR:N/S:C/UI:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.netgear.com/000064137/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0505