7.5

CVE-2021-45647

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6700v2 before 1.2.0.76, R7000 before 1.0.11.116, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.68, R7900P before 1.4.1.66, R8000P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NetgearEax80 Firmware Version < 1.0.1.62
   NetgearEax80 Version-
NetgearEx7000 Firmware Version < 1.0.1.104
   NetgearEx7000 Version-
NetgearR6120 Firmware Version < 1.0.0.76
   NetgearR6120 Version-
NetgearR6220 Firmware Version1.1.0.110
   NetgearR6220 Version-
NetgearR6230 Firmware Version < 1.1.0.110
   NetgearR6230 Version-
NetgearR6260 Firmware Version < 1.1.0.78
   NetgearR6260 Version-
NetgearR6850 Firmware Version < 1.1.0.78
   NetgearR6850 Version-
NetgearR6350 Firmware Version < 1.1.0.78
   NetgearR6350 Version-
NetgearR6330 Firmware Version < 1.1.0.78
   NetgearR6330 Version-
NetgearR6800 Firmware Version < 1.2.0.76
   NetgearR6800 Version-
NetgearR6900v2 Firmware Version < 1.2.0.76
   NetgearR6900v2 Version-
NetgearR6700v2 Firmware Version < 1.2.0.76
   NetgearR6700v2 Version-
NetgearR7000 Firmware Version < 1.0.11.116
   NetgearR7000 Version-
NetgearR7000p Firmware Version < 1.3.3.140
   NetgearR7000p Version-
NetgearR6900p Firmware Version < 1.3.3.140
   NetgearR6900p Version-
NetgearR7200 Firmware Version < 1.2.0.76
   NetgearR7200 Version-
NetgearR7350 Firmware Version < 1.2.0.76
   NetgearR7350 Version-
NetgearR7400 Firmware Version < 1.2.0.76
   NetgearR7400 Version-
NetgearR7450 Firmware Version < 1.2.0.76
   NetgearR7450 Version-
NetgearAc2100 Firmware Version < 1.2.0.76
   NetgearAc2100 Version-
NetgearAc2400 Firmware Version < 1.2.0.76
   NetgearAc2400 Version-
NetgearAc2600 Firmware Version < 1.2.0.76
   NetgearAc2600 Version-
NetgearR7900 Firmware Version < 1.0.4.38
   NetgearR7900 Version-
NetgearR7900p Firmware Version < 1.4.1.66
   NetgearR7900p Version-
NetgearR7960p Firmware Version < 1.4.1.66
   NetgearR7960p Version-
NetgearR8000 Firmware Version < 1.0.4.68
   NetgearR8000 Version-
NetgearR8000p Firmware Version < 1.4.1.66
   NetgearR8000p Version-
NetgearRax15 Firmware Version < 1.0.2.82
   NetgearRax15 Version-
NetgearRax20 Firmware Version < 1.0.2.82
   NetgearRax20 Version-
NetgearRax200 Firmware Version < 1.0.3.106
   NetgearRax200 Version-
NetgearRax45 Firmware Version < 1.0.2.72
   NetgearRax45 Version-
NetgearRax50 Firmware Version < 1.0.2.72
   NetgearRax50 Version-
NetgearRax75 Firmware Version < 1.0.3.106
   NetgearRax75 Version-
NetgearRax80 Firmware Version < 1.0.3.106
   NetgearRax80 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.497
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
cve@mitre.org 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.