CVE-2021-45649

EPSS 0.05%
Veröffentlicht 26.12.2021 01:15:20
Zuletzt bearbeitet 21.11.2024 06:32:46
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netgear ≫ R6400v2 Firmware Version < 1.0.4.84

Netgear ≫ R6400v2 Version-

Netgear ≫ R6700v3 Firmware Version < 1.0.4.84

Netgear ≫ R6700v3 Version-

Netgear ≫ R7000 Firmware Version < 1.0.11.126

Netgear ≫ R7000 Version-

Netgear ≫ R6900p Firmware Version < 1.3.2.126

Netgear ≫ R6900p Version-

Netgear ≫ R7000p Firmware Version < 1.3.2.126

Netgear ≫ R7000p Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.122

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N
cve@mitre.org	7.9	1.5	5.8	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://kb.netgear.com/000064073/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2019-0123

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-45649

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-45649

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-45649

EUVD