Netgear Products Multiple Vulnerabilities
Release Date:
22 Dec 2021
5260
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Netgear Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and cross-site scripting on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Cross-Site Scripting
- Information Disclosure
System / Technologies affected
- CBR40, running firmware versions prior to 2.5.0.24
- D6220, running firmware versions prior to 1.0.0.66
- D6400, running firmware versions prior to 1.0.0.100
- D7000, running firmware versions prior to 1.0.1.82
- D7000v2, running firmware versions prior to 1.0.0.66
- D7800, running firmware versions prior to 1.0.1.64
- D8500, running firmware versions prior to 1.0.3.58
- DC112A, running firmware versions prior to 1.0.0.52
- DGN2200v4, running firmware versions prior to 1.0.0.118
- DM200, running firmware versions prior to 1.0.0.66
- EAX20, running firmware versions prior to 1.0.0.48
- EAX80, running firmware versions prior to 1.0.1.64
- EX2700, running firmware versions prior to 1.0.1.56
- EX3700, running firmware versions prior to 1.0.0.94
- EX3800, running firmware versions prior to 1.0.0.94
- EX6000, running firmware versions prior to 1.0.0.38
- EX6100v2, running firmware versions prior to 1.0.1.98
- EX6120, running firmware versions prior to 1.0.0.66
- EX6130, running firmware versions prior to 1.0.0.46
- EX6150v2, running firmware versions prior to 1.0.1.98
- EX6200v2, running firmware versions prior to 1.0.1.86
- EX6250, running firmware versions prior to 1.0.0.134
- EX6400, running firmware versions prior to 1.0.2.158
- EX6400v2, running firmware versions prior to 1.0.0.134
- EX6410, running firmware versions prior to 1.0.0.134
- EX6420, running firmware versions prior to 1.0.0.134
- EX7000, running firmware versions prior to 1.0.1.106
- EX7300, running firmware versions prior to 1.0.2.158
- EX7300v2, running firmware versions prior to 1.0.0.134
- EX7320, running firmware versions prior to 1.0.0.134
- EX7500, running firmware versions prior to 1.0.1.76
- EX7700, running firmware versions prior to 1.0.0.222
- EX8000, running firmware versions prior to 1.0.1.232
- GS108Tv2, running firmware versions prior to 5.4.2.36
- GS110TPv2, running firmware versions prior to 5.4.2.36
- LBR1020, running firmware versions prior to 2.6.3.58
- LBR20, running firmware versions prior to 2.6.3.50
- MS60, running firmware versions prior to 1.0.6.110
- R6250, running firmware versions prior to 1.0.4.48
- R6300v2, running firmware versions prior to 1.0.4.52
- R6400, running firmware versions prior to 1.0.1.68
- R6400v2, running firmware versions prior to 1.0.4.106
- R6700AX, running firmware versions prior to 1.0.2.88
- R6700v3, running firmware versions prior to 1.0.4.106
- R6900P, running firmware versions prior to 1.3.3.140
- R7000, running firmware versions prior to 1.0.9.88
- R7000P, running firmware versions prior to 1.3.3.140
- R7100LG, running firmware versions prior to 1.0.0.72
- R7500v2, running firmware versions prior to 1.0.3.46
- R7800, running firmware versions prior to 1.0.2.80
- R7900, running firmware versions prior to 1.0.4.46
- R7900P, running firmware versions prior to 1.4.2.84
- R7960P, running firmware versions prior to 1.4.2.84
- R8000, running firmware versions prior to 1.0.4.76
- R8000P, running firmware versions prior to 1.4.2.84
- R8300, running firmware versions prior to 1.0.2.144
- R8500, running firmware versions prior to 1.0.2.144
- R8900, running firmware versions prior to 1.0.5.26
- R9000, running firmware versions prior to 1.0.5.26
- RAX10, running firmware versions prior to 1.0.2.88
- RAX120, running firmware versions prior to 1.2.2.24
- RAX120v2, running firmware versions prior to 1.2.2.24
- RAX15, running firmware versions prior to 1.0.2.82
- RAX20, running firmware versions prior to 1.0.2.82
- RAX200, running firmware versions prior to 1.0.5.126
- RAX35, running firmware versions prior to 1.0.4.102
- RAX38, running firmware versions prior to 1.0.4.102
- RAX40, running firmware versions prior to 1.0.4.102
- RAX45, running firmware versions prior to 1.0.2.82
- RAX50, running firmware versions prior to 1.0.2.82
- RAX70, running firmware versions prior to 1.0.2.88
- RAX75, running firmware versions prior to 1.0.5.126
- RAX78, running firmware versions prior to 1.0.2.88
- RAX80, running firmware versions prior to 1.0.5.126
- RBK12, running firmware versions prior to 2.7.3.22
- RBK20, running firmware versions prior to 2.7.3.22
- RBK352, running firmware versions prior to 4.3.4.7
- RBK40, running firmware versions prior to 2.7.3.22
- RBK50, running firmware versions prior to 2.7.3.22
- RBK752, running firmware versions prior to 3.2.17.12
- RBK852, running firmware versions prior to 4.6.3.9
- RBKE963, running firmware versions prior to 6.0.3.68
- RBR10, running firmware versions prior to 2.7.3.22
- RBR20, running firmware versions prior to 2.7.3.22
- RBR350, running firmware versions prior to 4.3.4.7
- RBR40, running firmware versions prior to 2.7.3.22
- RBR50, running firmware versions prior to 2.7.3.22
- RBR750, running firmware versions prior to 3.2.17.12
- RBR850, running firmware versions prior to 4.6.3.9
- RBRE960, running firmware versions prior to 6.0.3.68
- RBS10, running firmware versions prior to 2.7.3.22
- RBS20, running firmware versions prior to 2.7.3.22
- RBS350, running firmware versions prior to 4.3.4.7
- RBS40, running firmware versions prior to 2.7.3.22
- RBS40V, running firmware versions prior to 2.6.1.4
- RBS50, running firmware versions prior to 2.7.3.22
- RBS50Y, running firmware versions prior to 2.7.3.22
- RBS750, running firmware versions prior to 3.2.17.12
- RBS850, running firmware versions prior to 4.6.3.9
- RBSE960, running firmware versions prior to 6.0.3.68
- RBW30, running firmware versions prior to 2.6.1.4
- RS400, running firmware versions prior to 1.5.1.80
- WN3000RPv2, running firmware versions prior to 1.0.0.78
- WN3000RPv3, running firmware versions prior to 1.0.2.80
- WNDR3400v3, running firmware versions prior to 1.0.1.38
- WNR2000v5, running firmware versions prior to 1.0.0.76
- XR300, running firmware versions prior to 1.0.3.68
- XR450, running firmware versions prior to 2.3.2.66
- XR500, running firmware versions prior to 2.3.2.66
- XR700, running firmware versions prior to 1.0.1.36
Solutions
Before installation of the software, please visit the vendor's web-site for more details.
- Apply fixes issued by the vendor:
- Upgrade CBR40 firmware versions to 2.5.0.24
- Upgrade D6220 firmware versions to 1.0.0.66
- Upgrade D6400 firmware versions to 1.0.0.100
- Upgrade D7000 firmware versions to 1.0.1.82
- Upgrade D7000v2 firmware versions to 1.0.0.66
- Upgrade D7800 firmware versions to 1.0.1.64
- Upgrade D8500 firmware versions to 1.0.3.58
- Upgrade DC112A firmware versions to 1.0.0.52
- Upgrade DGN2200v4 firmware versions to 1.0.0.118
- Upgrade DM200 firmware versions to 1.0.0.66
- Upgrade EAX20 firmware versions to 1.0.0.48
- Upgrade EAX80 firmware versions to 1.0.1.64
- Upgrade EX2700 firmware versions to 1.0.1.56
- Upgrade EX3700 firmware versions to 1.0.0.94
- Upgrade EX3800 firmware versions to 1.0.0.94
- Upgrade EX6000 firmware versions to 1.0.0.38
- Upgrade EX6100v2 firmware versions to 1.0.1.98
- Upgrade EX6120 firmware versions to 1.0.0.66
- Upgrade EX6130 firmware versions to 1.0.0.46
- Upgrade EX6150v2 firmware versions to 1.0.1.98
- Upgrade EX6200v2 firmware versions to 1.0.1.86
- Upgrade EX6250 firmware versions to 1.0.0.134
- Upgrade EX6400 firmware versions to 1.0.2.158
- Upgrade EX6400v2 firmware versions to 1.0.0.134
- Upgrade EX6410 firmware versions to 1.0.0.134
- Upgrade EX6420 firmware versions to 1.0.0.134
- Upgrade EX7000 firmware versions to 1.0.1.106
- Upgrade EX7300 firmware versions to 1.0.2.158
- Upgrade EX7300v2 firmware versions to 1.0.0.134
- Upgrade EX7320 firmware versions to 1.0.0.134
- Upgrade EX7500 firmware versions to 1.0.1.76
- Upgrade EX7700 firmware versions to 1.0.0.222
- Upgrade EX8000 firmware versions to 1.0.1.232
- Upgrade GS108Tv2 firmware versions to 5.4.2.36
- Upgrade GS110TPv2 firmware versions to 5.4.2.36
- Upgrade LBR1020 firmware versions to 2.6.3.58
- Upgrade LBR20 firmware versions to 2.6.3.50
- Upgrade MS60 firmware versions to 1.0.6.110
- Upgrade R6250 firmware versions to 1.0.4.48
- Upgrade R6300v2 firmware versions to 1.0.4.52
- Upgrade R6400 firmware versions to 1.0.1.68
- Upgrade R6400v2 firmware versions to 1.0.4.106
- Upgrade R6700AX firmware versions to 1.0.2.88
- Upgrade R6700v3 firmware versions to 1.0.4.106
- Upgrade R6900P firmware versions to 1.3.3.140
- Upgrade R7000 firmware versions to 1.0.9.88
- Upgrade R7000P firmware versions to 1.3.3.140
- Upgrade R7100LG firmware versions to 1.0.0.72
- Upgrade R7500v2 firmware versions to 1.0.3.46
- Upgrade R7800 firmware versions to 1.0.2.80
- Upgrade R7900 firmware versions to 1.0.4.46
- Upgrade R7900P firmware versions to 1.4.2.84
- Upgrade R7960P firmware versions to 1.4.2.84
- Upgrade R8000 firmware versions to 1.0.4.76
- Upgrade R8000P firmware versions to 1.4.2.84
- Upgrade R8300 firmware versions to 1.0.2.144
- Upgrade R8500 firmware versions to 1.0.2.144
- Upgrade R8900 firmware versions to 1.0.5.26
- Upgrade R9000 firmware versions to 1.0.5.26
- Upgrade RAX10 firmware versions to 1.0.2.88
- Upgrade RAX120 firmware versions to 1.2.2.24
- Upgrade RAX120v2 firmware versions to 1.2.2.24
- Upgrade RAX15 firmware versions to 1.0.2.82
- Upgrade RAX20 firmware versions to 1.0.2.82
- Upgrade RAX200 firmware versions to 1.0.5.126
- Upgrade RAX35 firmware versions to 1.0.4.102
- Upgrade RAX38 firmware versions to 1.0.4.102
- Upgrade RAX40 firmware versions to 1.0.4.102
- Upgrade RAX45 firmware versions to 1.0.2.82
- Upgrade RAX50 firmware versions to 1.0.2.82
- Upgrade RAX70 firmware versions to 1.0.2.88
- Upgrade RAX75 firmware versions to 1.0.5.126
- Upgrade RAX78 firmware versions to 1.0.2.88
- Upgrade RAX80 firmware versions to 1.0.5.126
- Upgrade RBK12 firmware versions to 2.7.3.22
- Upgrade RBK20 firmware versions to 2.7.3.22
- Upgrade RBK352 firmware versions to 4.3.4.7
- Upgrade RBK40 firmware versions to 2.7.3.22
- Upgrade RBK50 firmware versions to 2.7.3.22
- Upgrade RBK752 firmware versions to 3.2.17.12
- Upgrade RBK852 firmware versions to 4.6.3.9
- Upgrade RBKE963 firmware versions to 6.0.3.68
- Upgrade RBR10 firmware versions to 2.7.3.22
- Upgrade RBR20 firmware versions to 2.7.3.22
- Upgrade RBR350 firmware versions to 4.3.4.7
- Upgrade RBR40 firmware versions to 2.7.3.22
- Upgrade RBR50 firmware versions to 2.7.3.22
- Upgrade RBR750 firmware versions to 3.2.17.12
- Upgrade RBR850 firmware versions to 4.6.3.9
- Upgrade RBRE960 firmware versions to 6.0.3.68
- Upgrade RBS10 firmware versions to 2.7.3.22
- Upgrade RBS20 firmware versions to 2.7.3.22
- Upgrade RBS350 firmware versions to 4.3.4.7
- Upgrade RBS40 firmware versions to 2.7.3.22
- Upgrade RBS40V firmware versions to 2.6.1.4
- Upgrade RBS50 firmware versions to 2.7.3.22
- Upgrade RBS50Y firmware versions to 2.7.3.22
- Upgrade RBS750 firmware versions to 3.2.17.12
- Upgrade RBS850 firmware versions to 4.6.3.9
- Upgrade RBSE960 firmware versions to 6.0.3.68
- Upgrade RBW30 firmware versions to 2.6.1.4
- Upgrade RS400 firmware versions to 1.5.1.80
- Upgrade WN3000RPv2 firmware versions to 1.0.0.78
- Upgrade WN3000RPv3 firmware versions to 1.0.2.80
- Upgrade WNDR3400v3 firmware versions to 1.0.1.38
- Upgrade WNR2000v5 firmware versions to 1.0.0.76
- Upgrade XR300 firmware versions to 1.0.3.68
- Upgrade XR450 firmware versions to 2.3.2.66
- Upgrade XR500 firmware versions to 2.3.2.66
- Upgrade XR700 firmware versions to 1.0.1.36
Vulnerability Identifier
- No CVE information is available
Source
Related Link
- https://kb.netgear.com/000064492/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0435?article=000064492
- https://kb.netgear.com/000064491/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0427?article=000064491
- https://kb.netgear.com/000064490/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0422?article=000064490
- https://kb.netgear.com/000064489/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-PSV-2020-0371?article=000064489
- https://kb.netgear.com/000064488/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0323?article=000064488
- https://kb.netgear.com/000064487/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0322?article=000064487
- https://kb.netgear.com/000064486/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0320?article=000064486
- https://kb.netgear.com/000064485/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-PSV-2020-0298?article=000064485
- https://kb.netgear.com/000064484/Security-Advisory-for-Denial-of-Service-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0286?article=000064484
- https://kb.netgear.com/000064483/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0274?article=000064483
- https://kb.netgear.com/000064482/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0261?article=000064482
- https://kb.netgear.com/000064481/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Router-Extenders-and-WiFi-Systems-PSV-2020-0256?article=000064481
- https://kb.netgear.com/000064480/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0255?article=000064480
- https://kb.netgear.com/000064479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0246?article=000064479
- https://kb.netgear.com/000064478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-and-WiFi-Systems-PSV-2020-0210?article=000064478
- https://kb.netgear.com/000064477/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0196?article=000064477
- https://kb.netgear.com/000064476/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0195?article=000064476
- https://kb.netgear.com/000064475/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0183?article=000064475
- https://kb.netgear.com/000064474/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0175?article=000064474
- https://kb.netgear.com/000064473/Security-Advisory-for-Sensitive-Information-Disclosure-on-R7000-PSV-2020-0174?article=000064473
- https://kb.netgear.com/000064437/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Multiple-Products-PSV-2021-0278?article=000064437
- https://kb.netgear.com/000064462/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0161?article=000064462
- https://kb.netgear.com/000064461/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-2021-12-20?article=000064461
- https://kb.netgear.com/000064460/Security-Advisory-for-Reflected-Cross-Site-Scripting-on-Some-Routers-Extenders-and-WiFi-Systems-2021-12-20?article=000064460
- https://kb.netgear.com/000064459/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-2021-12-20?article=000064459
- https://kb.netgear.com/000064458/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0062?article=000064458
- https://kb.netgear.com/000064457/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-WiFi-Systems-PSV-2020-0052?article=000064457
- https://kb.netgear.com/000064456/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Routers-PSV-2020-0003?article=000064456
- https://kb.netgear.com/000064454/Security-Advisory-for-Post-Authentication-Command-Injection-on-R8000-PSV-2019-0294?article=000064454
- https://kb.netgear.com/000064453/Security-Advisory-for-Admin-Credential-Disclosure-on-Some-Routers-PSV-2019-0293?article=000064453
- https://kb.netgear.com/000064450/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2019-0207?article=000064450
- https://kb.netgear.com/000064449/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Routers-PSV-2019-0203?article=000064449
- https://kb.netgear.com/000064448/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Smart-Managed-Pro-Switches-PSV-2019-0191?article=000064448
- https://kb.netgear.com/000064447/Security-Advisory-for-Pre-Authentication-Stack-Overflow-on-D7000-PSV-2019-0182?article=000064447
- https://kb.netgear.com/000064446/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Extenders-PSV-2019-0078?article=000064446
- https://kb.netgear.com/000064445/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2019-0027?article=000064445
- https://kb.netgear.com/000064444/Security-Advisory-for-Stored-Cross-Site-Scripting-on-R7000-PSV-2018-0422?article=000064444
- https://kb.netgear.com/000064443/Security-Advisory-for-Stored-Cross-Site-Scripting-on-R7000-PSV-2018-0420?article=000064443
- https://kb.netgear.com/000064442/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-R7000-PSV-2018-0418?article=000064442
- https://kb.netgear.com/000064441/Security-Advisory-for-Sensitive-Information-Disclosure-on-RBR50-PSV-2017-3085?article=000064441
Share with