2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2018-21162" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2020-04-23T21:15:11.877" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T04:03:03.257" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6400 before 1.0.0.78, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.8, R6300v2 before 1.0.4.6, R6400 before 1.0.1.12, R6700 before 1.0.1.16, R7000 before 1.0.7.10, R7100LG before 1.0.0.42, R7300DST before 1.0.0.44, R7900 before 1.0.1.12, R8000 before 1.0.3.36, R8300 before 1.0.2.74, R8500 before 1.0.2.74, WNDR3400v3 before 1.0.1.14, and WNR3500Lv2 before 1.2.0.48."
} ,
{
"lang" : "es" ,
"value" : "Determinados dispositivos NETGEAR est\u00e1n afectados por una inyecci\u00f3n de comandos por parte de un atacante no autenticado. Esto afecta a D6400 versiones anteriores a 1.0.0.78, EX6200 versiones anteriores a 1.0.3.86, EX7000 versiones anteriores a 1.0.0.64, R6250 versiones anteriores a 1.0.4.8, R6300v2 versiones anteriores a 1.0.4.6, R6400 versiones anteriores a 1.0.1.12, R6700 versiones anteriores a 1.0.1.16, R7000 versiones anteriores a 1.0.7.10, R7100LG versiones anteriores a 1.0.0.42, R7300DST versiones anteriores a 1.0.0.44, R7900 versiones anteriores a 1.0.1.12, R8000 versiones anteriores a 1.0.3.36, R8300 versiones anteriores a 1.0.2.74, R8500 versiones anteriores a 1.0.2.74, WNDR3400v3 versiones anteriores a 1.0.1.14 y WNR3500Lv2 versiones anteriores a 1.2.0.48."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 9.8 ,
"baseSeverity" : "CRITICAL" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV30" : [
{
"source" : "cve@mitre.org" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 8.8 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "ADJACENT_NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.8 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 6.4 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-78"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:d6400_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.78" ,
"matchCriteriaId" : "7AD596B6-3D11-456F-8BD0-2E7153BA5F53"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:d6400:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7D30939B-86E3-4C78-9B05-686B4994C8B9"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.3.86" ,
"matchCriteriaId" : "03DFA0CD-2C01-4885-B126-E24FCA5F9D6B"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex6200:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3186CC67-B567-4A0C-BD2C-0433716FBD1B"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:ex7000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.64" ,
"matchCriteriaId" : "E2EC7119-878C-4E8F-97B0-DAD86E138F8C"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:ex7000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9F45B620-60B8-40F3-A055-181ADD71EFFF"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r6250_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.4.8" ,
"matchCriteriaId" : "13B4777D-CC2E-4A6B-946F-3E511D8D4B36"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "321BE843-52C4-4638-A321-439CA7B3A6F2"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.4.6" ,
"matchCriteriaId" : "DBB42C46-A4AB-4AEC-A78D-082F9C63B0B8"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "10938043-F7DF-42C3-8C16-F92CAF8E5576"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.12" ,
"matchCriteriaId" : "1866BDEF-FB37-4477-B0F2-87283983648D"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.16" ,
"matchCriteriaId" : "1A08B1CF-6BDA-4D50-9146-2B580593FBAD"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-12-08 03:06:42 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "21B27F11-4262-4CE1-8107-B365A7C152F2"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.7.10" ,
"matchCriteriaId" : "B94C2A0A-F26B-4CD2-A91E-DD62C5F788B3"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r7100lg_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.42" ,
"matchCriteriaId" : "B3D808FE-AA8D-40DF-B838-4853EB8911E7"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r7100lg:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "366FA778-3C2A-42AF-9141-DAD7043B406C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r7300dst_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.0.44" ,
"matchCriteriaId" : "9D512A22-2535-4069-BAEB-19FDB15304E2"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r7300dst:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C75148EB-DE6C-4C5C-BF34-4800A66CF11C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.12" ,
"matchCriteriaId" : "59C6F6E4-C411-486E-BDBF-75F0ABEF5112"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C484840F-AF30-4B5C-821A-4DB9BE407BDB"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.3.36" ,
"matchCriteriaId" : "B91B7AB8-E499-416D-8E63-C49CDA753C3C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5B39F095-8FE8-43FD-A866-7B613B495984"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r8300_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.2.74" ,
"matchCriteriaId" : "40529B5B-A0CF-4761-B623-9981F5821C1E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r8300:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7A9B77E7-7439-48C6-989F-5E22CB4D3044"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:r8500_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.2.74" ,
"matchCriteriaId" : "CC34CE8E-8DB9-4A15-80D8-EB663482A892"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:r8500:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "63500DE4-BDBD-4F86-AB99-7DB084D0B912"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:wndr3400_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.0.1.14" ,
"matchCriteriaId" : "DF8551B9-72D9-46B8-9F66-EE7841E29A26"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:wndr3400:v3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1992E44C-122C-41BC-8FDC-5F9EBEE1FB7C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:netgear:wnr3500l_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "1.2.0.48" ,
"matchCriteriaId" : "263DFC40-2EED-49F3-AAA5-0F5D7EAC2DF3"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:netgear:wnr3500l:v2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C8DE4BFA-41DE-4748-ACC7-14362333A059"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://kb.netgear.com/000059147/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-Gateways-Routers-and-Extenders-PSV-2016-0074" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
