Ex3700 Firmware
CVE-2021-32122
HIGH
Severity by source
AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Certain NETGEAR devices are affected by CSRF. This affects EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, and EX6130 before 1.0.0.44.
AnalysisAI
Certain NETGEAR devices are affected by CSRF. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. Certain NETGEAR devices are affected by CSRF. This affects EX3700 before 1.0.0.90, EX3800 before 1.0.0.90, EX6120 before 1.0.0.64, and EX6130 before 1.0.0.44. Affected products include: Netgear Ex3700 Firmware, Netgear Ex3800 Firmware, Netgear Ex6120 Firmware, Netgear Ex6130 Firmware. Version information: before 1.0.0.90.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.
More in Ex3700 Firmware
View allA critical stack-based buffer overflow vulnerability (CVE-2025-5934) exists in Netgear EX3700 wireless extenders up to v
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injectio
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS
Certain NETGEAR devices are affected by weak cryptography. Rated critical severity (CVSS 9.8), this vulnerability is rem
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS
Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated critical severity (CVSS 9.4)
Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 8.8), th
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R640
Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), th
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in
Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), th
Certain NETGEAR devices are affected by reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today