CVE-2021-45637

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6260 before 1.1.0.76, R6800 before 1.2.0.62, R6700v2 before 1.2.0.62, R6900v2 before 1.2.0.62, R7450 before 1.2.0.62, AC2100 before 1.2.0.62, AC2400 before 1.2.0.62, and AC2600 before 1.2.0.62.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*

History

07 Jan 2022, 18:52

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
CWE CWE-787
CPE cpe:2.3:h:netgear:r6800:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ac2600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ac2100:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r7450:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6700v2:-:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6700v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6900v2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6260:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:r6900v2:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ac2400:-:*:*:*:*:*:*:*
cpe:2.3:h:netgear:ac2600:-:*:*:*:*:*:*:*
References (MISC) https://kb.netgear.com/000064059/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-PSV-2019-0081 - (MISC) https://kb.netgear.com/000064059/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-Some-Routers-PSV-2019-0081 - Patch, Vendor Advisory

26 Dec 2021, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-12-26 01:15

Updated : 2024-02-04 22:08


NVD link : CVE-2021-45637

Mitre link : CVE-2021-45637

CVE.ORG link : CVE-2021-45637


JSON object : View

Products Affected

netgear

  • r6800_firmware
  • ac2100_firmware
  • ac2600_firmware
  • ac2100
  • ac2400
  • r6700v2
  • r7450
  • r6260
  • r6700v2_firmware
  • ac2600
  • ac2400_firmware
  • r6260_firmware
  • r7450_firmware
  • r6800
  • r6900v2_firmware
  • r6900v2
CWE
CWE-787

Out-of-bounds Write