CVE-2021-45512

EPSS 0.16%
Veröffentlicht 26.12.2021 01:15:13
Zuletzt bearbeitet 21.11.2024 06:32:23
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0.2.134, RS400 before 1.5.0.48, WNR3500Lv2 before 1.2.0.62, and XR300 before 1.0.3.50.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netgear ≫ D7000 Firmware Version < 1.0.0.62

Netgear ≫ D7000 Versionv2

Netgear ≫ D8500 Firmware Version < 1.0.3.50

Netgear ≫ D8500 Version-

Netgear ≫ Ex3700 Firmware Version < 1.0.0.84

Netgear ≫ Ex3700 Version-

Netgear ≫ Ex3800 Firmware Version < 1.0.0.84

Netgear ≫ Ex3800 Version-

Netgear ≫ Ex6120 Firmware Version < 1.0.0.54

Netgear ≫ Ex6120 Version-

Netgear ≫ Ex6130 Firmware Version < 1.0.0.36

Netgear ≫ Ex6130 Version-

Netgear ≫ Ex7000 Firmware Version < 1.0.1.90

Netgear ≫ Ex7000 Version-

Netgear ≫ R6250 Firmware Version < 1.0.4.42

Netgear ≫ R6250 Version-

Netgear ≫ R6400 Firmware Version < 1.0.4.98

Netgear ≫ R6400 Versionv2

Netgear ≫ R6700 Firmware Version < 1.0.4.98

Netgear ≫ R6700 Versionv3

Netgear ≫ R6900p Firmware Version < 1.3.2.124

Netgear ≫ R6900p Version-

Netgear ≫ R7000 Firmware Version < 1.0.11.106

Netgear ≫ R7000 Version-

Netgear ≫ R7000p Firmware Version < 1.3.2.124

Netgear ≫ R7000p Version-

Netgear ≫ R7100lg Firmware Version < 1.0.0.56

Netgear ≫ R7100lg Version-

Netgear ≫ R7900 Firmware Version < 1.0.4.26

Netgear ≫ R7900 Version-

Netgear ≫ R8000 Firmware Version < 1.0.4.58

Netgear ≫ R8000 Version-

Netgear ≫ R8300 Firmware Version < 1.0.2.134

Netgear ≫ R8300 Version-

Netgear ≫ R8500 Firmware Version < 1.0.2.134

Netgear ≫ R8500 Version-

Netgear ≫ Rs400 Firmware Version < 1.5.0.48

Netgear ≫ Rs400 Version-

Netgear ≫ Wnr3500l Firmware Version < 1.2.0.62

Netgear ≫ Wnr3500l Versionv2

Netgear ≫ Xr300 Firmware Version < 1.0.3.50

Netgear ≫ Xr300 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.16%	0.331

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
cve@mitre.org	8.6	3.9	4.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

https://kb.netgear.com/000064117/Security-Advisory-for-Broken-Cryptography-on-Some-Routers-and-Extenders-PSV-2020-0134

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-45512

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-45512

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-45512

EUVD