CVE-2021-33514

Exploit

EPSS 24.21%
Published 21.05.2021 23:15:07
Last modified 21.11.2024 06:08:59
Source cve@mitre.org
Teams watchlist Login
Open Login

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. This affects GC108P before 1.0.7.3, GC108PP before 1.0.7.3, GS108Tv3 before 7.0.6.3, GS110TPPv1 before 7.0.6.3, GS110TPv3 before 7.0.6.3, GS110TUPv1 before 1.0.4.3, GS710TUPv1 before 1.0.4.3, GS716TP before 1.0.2.3, GS716TPP before 1.0.2.3, GS724TPPv1 before 2.0.4.3, GS724TPv2 before 2.0.4.3, GS728TPPv2 before 6.0.6.3, GS728TPv2 before 6.0.6.3, GS752TPPv1 before 6.0.6.3, GS752TPv2 before 6.0.6.3, MS510TXM before 1.0.2.3, and MS510TXUP before 1.0.2.3.

Affected products Warnungen 0 Metrics 4 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Netgear ≫ Gc108p Firmware Version < 1.0.7.3

Netgear ≫ Gc108p Version-

Netgear ≫ Gc108pp Firmware Version < 1.0.7.3

Netgear ≫ Gc108pp Version-

Netgear ≫ Gs108t Firmware Version < 7.0.6.3

Netgear ≫ Gs108tv3 Version-

Netgear ≫ Gs110tpp Firmware Version < 7.0.6.3

Netgear ≫ Gs110tpp Versionv1

Netgear ≫ Gs110tp Firmware Version < 7.0.6.3

Netgear ≫ Gs110tp Versionv3

Netgear ≫ Gs110tup Firmware Version < 1.0.4.3

Netgear ≫ Gs110tup Versionv1

Netgear ≫ Gs710tup Firmware Version < 1.0.4.3

Netgear ≫ Gs710tup Versionv1

Netgear ≫ Gs716tp Firmware Version < 1.0.2.3

Netgear ≫ Gs716tp Version-

Netgear ≫ Gs716tpp Firmware Version < 1.0.2.3

Netgear ≫ Gs716tpp Version-

Netgear ≫ Gs724tpp Firmware Version < 2.0.4.3

Netgear ≫ Gs724tpp Versionv1

Netgear ≫ Gs724tp Firmware Version < 2.0.4.3

Netgear ≫ Gs724tp Versionv2

Netgear ≫ Gs728tpp Firmware Version < 6.0.6.3

Netgear ≫ Gs728tpp Versionv2

Netgear ≫ Gs728tp Firmware Version < 6.0.6.3

Netgear ≫ Gs728tp Versionv2

Netgear ≫ Gs752tpp Firmware Version < 6.0.6.3

Netgear ≫ Gs752tpp Versionv1

Netgear ≫ Gs752tp Firmware Version < 6.0.6.3

Netgear ≫ Gs752tp Versionv2

Netgear ≫ Ms510txm Firmware Version < 1.0.2.3

Netgear ≫ Ms510txm Version-

Netgear ≫ Ms510txup Firmware Version < 1.0.2.3

Netgear ≫ Ms510txup Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	24.21%	0.958

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
cve@mitre.org	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

https://gynvael.coldwind.pl/?lang=en&id=733

Third Party Advisory

Exploit

https://kb.netgear.com/000063641/Security-Advisory-for-Pre-Authentication-Command-Injection-Vulnerability-on-Some-Smart-Switches-PSV-2021-0071

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-33514

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-33514

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-33514

EUVD