Rbs50Y Firmware
CVE-2021-45645
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122.
AnalysisAI
Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122. Affected products include: Netgear Rbs50Y Firmware, Netgear Srk60 Firmware, Netgear Srr60 Firmware, Netgear Srs60 Firmware, Netgear Sxk30 Firmware. Version information: before 2.7.0.122.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Rbs50Y Firmware
View allAn issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satel
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satel
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satel
Certain NETGEAR devices are affected by server-side injection. Rated critical severity (CVSS 9.8), this vulnerability is
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS
Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated critical severity (CVSS 9.4)
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated high severity (CVSS 8.8)
Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nigh
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today