CVE-2021-40866

Exploit

EPSS 1.43%
Published 13.09.2021 08:15:08
Last modified 21.11.2024 06:24:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS750E before 1.0.1.10, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.

Affected products Warnungen 0 Metrics 4 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Netgear ≫ Gc108p Firmware Version < 1.0.8.2

Netgear ≫ Gc108p Version-

Netgear ≫ Gc108pp Firmware Version < 1.0.8.2

Netgear ≫ Gc108pp Version-

Netgear ≫ Gs108t Firmware Version < 7.0.7.2

Netgear ≫ Gs108tv3 Version-

Netgear ≫ Gs110tpp Firmware Version < 7.0.7.2

Netgear ≫ Gs110tpp Version-

Netgear ≫ Gs110tp Firmware Version < 7.0.7.2

Netgear ≫ Gs110tp Versionv3

Netgear ≫ Gs110tup Firmware Version < 1.0.5.3

Netgear ≫ Gs110tup Version-

Netgear ≫ Gs308t Firmware Version < 1.0.3.2

Netgear ≫ Gs308t Version-

Netgear ≫ Gs310tp Firmware Version < 1.0.3.2

Netgear ≫ Gs310tp Version-

Netgear ≫ Gs710tup Firmware Version < 1.0.5.3

Netgear ≫ Gs710tup Version-

Netgear ≫ Gs716tp Firmware Version < 1.0.4.2

Netgear ≫ Gs716tp Version-

Netgear ≫ Gs716tpp Firmware Version < 1.0.4.2

Netgear ≫ Gs716tpp Version-

Netgear ≫ Gs724tpp Firmware Version < 2.0.6.3

Netgear ≫ Gs724tpp Version-

Netgear ≫ Gs724tp Firmware Version < 2.0.6.3

Netgear ≫ Gs724tp Versionv2

Netgear ≫ Gs728tpp Firmware Version < 6.0.8.2

Netgear ≫ Gs728tpp Versionv2

Netgear ≫ Gs728tp Firmware Version < 6.0.8.2

Netgear ≫ Gs728tp Versionv2

Netgear ≫ Gs750e Firmware Version < 1.0.1.10

Netgear ≫ Gs750e Version-

Netgear ≫ Gs752tpp Firmware Version < 6.0.8.2

Netgear ≫ Gs752tpp Version-

Netgear ≫ Gs752tp Firmware Version < 6.0.8.2

Netgear ≫ Gs752tp Versionv2

Netgear ≫ Ms510txm Firmware Version < 1.0.4.2

Netgear ≫ Ms510txm Version-

Netgear ≫ Ms510txup Firmware Version < 1.0.4.2

Netgear ≫ Ms510txup Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.43%	0.789

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5.4	5.5	6.4	AV:A/AC:M/Au:N/C:P/I:P/A:P
cve@mitre.org	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

https://gynvael.coldwind.pl/?id=740

Third Party Advisory

Exploit

https://kb.netgear.com/000063978/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Smart-Switches-PSV-2021-0140-PSV-2021-0144-PSV-2021-0145

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-40866

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-40866

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-40866

EUVD