CVE-2021-27254

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encryption key. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-12287.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:br200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:br200:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:br500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:br500:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:ex6100v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6100v2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:ex6150v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6150v2:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:netgear:rbk12_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk12:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:netgear:rbk13_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk13:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:netgear:rbk14_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk14:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:netgear:rbk15_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk15:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:netgear:rbk20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk20:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:netgear:rbk23_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk23:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:netgear:rbk40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk40:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:netgear:rbk43_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk43:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:netgear:rbk43s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk43s:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:netgear:rbk44_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk44:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:netgear:rbk50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk50:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:netgear:rbk53_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbk53:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*

Configuration 36 (hide)

AND
cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*

Configuration 37 (hide)

AND
cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*

Configuration 38 (hide)

AND
cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*

Configuration 39 (hide)

AND
cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*

Configuration 40 (hide)

AND
cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*

Configuration 41 (hide)

AND
cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*

Configuration 42 (hide)

AND
cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*

Configuration 43 (hide)

AND
cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*

History

25 Apr 2022, 17:48

Type Values Removed Values Added
CWE CWE-259 CWE-798

Information

Published : 2021-03-05 20:15

Updated : 2024-02-04 21:23


NVD link : CVE-2021-27254

Mitre link : CVE-2021-27254

CVE.ORG link : CVE-2021-27254


JSON object : View

Products Affected

netgear

  • rbk53
  • rbs20
  • d7800_firmware
  • rbk13_firmware
  • ex7320
  • rbk53_firmware
  • rbr10
  • ex6400_firmware
  • ex6410
  • xr500_firmware
  • rbr40
  • ex6400v2
  • ex6150v2
  • rbk14_firmware
  • ex7700_firmware
  • br500
  • rbr20
  • rbs50
  • r8900_firmware
  • rbk14
  • rbk23_firmware
  • ex6100v2
  • r9000
  • br200_firmware
  • rbk44
  • xr450_firmware
  • rbs50y_firmware
  • ex6400
  • ex6410_firmware
  • rbk40_firmware
  • ex7300_firmware
  • ex6150v2_firmware
  • xr500
  • ex6400v2_firmware
  • r7800_firmware
  • ex7320_firmware
  • rbk50_firmware
  • rbs50y
  • ex8000
  • rbs20_firmware
  • rbk20_firmware
  • rbk20
  • ex6250_firmware
  • rbk23
  • rbs40
  • lbr20_firmware
  • xr700_firmware
  • lbr20
  • ex7300
  • rbk43s_firmware
  • rbk44_firmware
  • ex6420_firmware
  • rbk15
  • rbs50_firmware
  • xr700
  • d7800
  • ex6250
  • rbk12
  • rbs40_firmware
  • rbr40_firmware
  • rbs10
  • rbk40
  • ex6420
  • ex7700
  • rbk43s
  • xr450
  • rbr10_firmware
  • br200
  • rbk43
  • rbr50
  • rbk43_firmware
  • ex7300v2_firmware
  • r9000_firmware
  • rbk15_firmware
  • rbk12_firmware
  • rbr50_firmware
  • rbk50
  • r7800
  • rbs10_firmware
  • br500_firmware
  • ex8000_firmware
  • r8900
  • ex6100v2_firmware
  • rbr20_firmware
  • rbk13
  • ex7300v2
CWE
CWE-798

Use of Hard-coded Credentials

CWE-259

Use of Hard-coded Password