mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
511 lines
15 KiB
JSON
511 lines
15 KiB
JSON
{
|
|
"id": "CVE-2021-45526",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2021-12-26T01:15:14.157",
|
|
"lastModified": "2024-11-21T06:32:25.440",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120 before 1.0.0.48, EX6130 before 1.0.0.30, R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R7000 before 1.0.11.126, R7900 before 1.0.4.30, R8000 before 1.0.4.52, R7000P before 1.3.2.124, R8000P before 1.4.1.50, RAX80 before 1.0.3.88, R6900P before 1.3.2.124, R7900P before 1.4.1.50, and RAX75 before 1.0.3.88."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Determinados dispositivos NETGEAR est\u00e1n afectados por un desbordamiento del b\u00fafer por parte de un usuario autenticado. Esto afecta a los dispositivos EX6000 versiones anteriores a 1.0.0.38, EX6120 versiones anteriores a 1.0.0.48, EX6130 versiones anteriores a 1.0.0.30, R6300v2 versiones anteriores a 1.0.4.52, R6400 versiones anteriores a 1.0.1.52, R7000 versiones anteriores a 1.0.11.126, R7900 versiones anteriores a 1.0. 4.30, R8000 versiones anteriores a 1.0.4.52, R7000P versiones anteriores a 1.3.2.124, R8000P versiones anteriores a 1.4.1.50, RAX80 versiones anteriores a 1.0.3.88, R6900P versiones anteriores a 1.3.2.124, R7900P versiones anteriores a 1.4.1.50 y RAX75 versiones anteriores a 1.0.3.88"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "cve@mitre.org",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H",
|
|
"baseScore": 7.3,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "CHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.5,
|
|
"impactScore": 5.3
|
|
},
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"baseScore": 8.8,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
|
|
"baseScore": 6.5,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-120"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:ex6000_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.0.38",
|
|
"matchCriteriaId": "E8357471-53D2-4FCF-85CD-7D4297960841"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:ex6000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "02E7CA7E-E6CA-4BAB-8F40-4731EA523D91"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.0.48",
|
|
"matchCriteriaId": "4C4313A2-5182-4F64-9643-AA21B1CBA5B5"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:ex6130_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.0.30",
|
|
"matchCriteriaId": "27DD717D-FA39-403C-929E-09CB8998FC41"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:ex6130:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "305E295C-9C73-4798-A0BE-7973E1EE5EAB"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6300v2_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.4.52",
|
|
"matchCriteriaId": "4E00ABB7-A3E9-4E41-82CB-3AADC276C3AC"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6300v2:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7909744D-FE9B-49D1-ADB3-029CCC432A47"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6400_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.1.52",
|
|
"matchCriteriaId": "30668750-EAE9-4C89-A5DA-9DF28E8E1AE4"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6400:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E4CDF6B-3829-44D0-9675-71D7BE83CAA2"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r7000_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.11.126",
|
|
"matchCriteriaId": "A0E06EFF-9D71-43DB-A304-9A41998FD68A"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r7000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9F86FF6-AB32-4E51-856A-DDE790C0A9A6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r7900_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.4.30",
|
|
"matchCriteriaId": "B6364559-B141-43AE-B40A-506B79BCC3AA"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r7900:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C484840F-AF30-4B5C-821A-4DB9BE407BDB"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r8000_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.4.52",
|
|
"matchCriteriaId": "9D444B09-82DA-4225-A292-B28232408A7B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r8000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5B39F095-8FE8-43FD-A866-7B613B495984"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r8000p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.4.1.50",
|
|
"matchCriteriaId": "9D3F1622-F2B7-41F0-87F0-61F4ACB270C8"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r8000p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F7EF872D-2537-4FEB-8799-499FC9D44339"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r7000p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.3.2.124",
|
|
"matchCriteriaId": "5C6F506A-464D-4BDE-8F9B-D537D3C7E137"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DFE55F4D-E98B-46D3-B870-041141934CD1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:rax80_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.3.88",
|
|
"matchCriteriaId": "037B3660-20DD-4164-81EC-E4D86C60BA45"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:rax80:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "06B5A85C-3588-4263-B9AD-4E56D3F6CB16"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:rax75_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.0.3.88",
|
|
"matchCriteriaId": "A1E37B9E-709E-41EE-AE43-B3164D68CF6B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:rax75:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BAA74D7-36A1-4494-96A2-BD0D2D6BF22F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r6900p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.3.2.124",
|
|
"matchCriteriaId": "61DE3850-1661-43D1-9E52-31E2E01979EE"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r6900p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C41908FF-AE64-4949-80E3-BEE061B2DA8A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:netgear:r7900p_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.4.1.50",
|
|
"matchCriteriaId": "8B02CB0A-BBB8-4A64-93B3-7CA1DF7B7299"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:netgear:r7900p:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3D6A70D-66AF-4064-9F1B-4358D4B1F016"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://kb.netgear.com/000064446/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Extenders-PSV-2019-0078",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://kb.netgear.com/000064446/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-and-Extenders-PSV-2019-0078",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |