Sign-up

ID

VAR-202103-0948


CVE

CVE-2021-27257


TITLE

NETGEAR R7800  Firmware validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2021-004503

DESCRIPTION

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362. NETGEAR R7800 There is a certificate validation vulnerability in the firmware. Zero Day Initiative To this vulnerability ZDI-CAN-12362 Was numbered.Information may be tampered with. Netgear NETGEAR R7800 is a wireless router from Netgear

Trust: 2.88

sources: NVD: CVE-2021-27257 // JVNDB: JVNDB-2021-004503 // ZDI: ZDI-21-264 // CNVD: CNVD-2021-14775 // VULMON: CVE-2021-27257

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2021-14775

AFFECTED PRODUCTS

vendor:netgearmodel:r7800scope: - version: -

Trust: 1.3

vendor:netgearmodel:rbk53scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:r9000scope:ltversion:1.0.5.28

Trust: 1.0

vendor:netgearmodel:ex6250scope:ltversion:1.0.0.134

Trust: 1.0

vendor:netgearmodel:r7800scope:ltversion:1.0.2.80

Trust: 1.0

vendor:netgearmodel:rbr20scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:r8900scope:ltversion:1.0.5.28

Trust: 1.0

vendor:netgearmodel:rbk20scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:rbk40scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:ex6400scope:ltversion:1.0.2.158

Trust: 1.0

vendor:netgearmodel:rbs50scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:rbs10scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:rbk12scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:rbs40scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:d7800scope:ltversion:1.0.1.60

Trust: 1.0

vendor:netgearmodel:ex6420scope:ltversion:1.0.0.134

Trust: 1.0

vendor:netgearmodel:ex7300scope:ltversion:1.0.2.158

Trust: 1.0

vendor:netgearmodel:ex6400v2scope:ltversion:1.0.0.134

Trust: 1.0

vendor:netgearmodel:ex7320scope:ltversion:1.0.0.134

Trust: 1.0

vendor:netgearmodel:rbr50scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:rbk13scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:rbk23scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:br200scope:ltversion:5.10.0.5

Trust: 1.0

vendor:netgearmodel:rbk44scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:xr500scope:ltversion:2.3.2.114

Trust: 1.0

vendor:netgearmodel:lbr20scope:ltversion:2.6.3.50

Trust: 1.0

vendor:netgearmodel:ex6150v2scope:ltversion:1.0.1.98

Trust: 1.0

vendor:netgearmodel:rbs20scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:ex6410scope:ltversion:1.0.0.134

Trust: 1.0

vendor:netgearmodel:rbs50yscope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:rbk50scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:xr450scope:ltversion:2.3.2.114

Trust: 1.0

vendor:netgearmodel:br500scope:ltversion:5.10.0.5

Trust: 1.0

vendor:netgearmodel:rbk14scope:ltversion:2.7.2.104

Trust: 1.0

vendor:netgearmodel:ex7300v2scope:ltversion:1.0.0.134

Trust: 1.0

vendor:netgearmodel:xr700scope:ltversion:1.0.1.38

Trust: 1.0

vendor:netgearmodel:rbr40scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:ex6100v2scope:ltversion:1.0.1.98

Trust: 1.0

vendor:netgearmodel:rbk43scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:ex7700scope:ltversion:1.0.0.216

Trust: 1.0

vendor:netgearmodel:rbr10scope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:rbk43sscope:ltversion:2.6.2.104

Trust: 1.0

vendor:netgearmodel:ex8000scope:ltversion:1.0.1.232

Trust: 1.0

vendor:netgearmodel:rbk15scope:ltversion:2.7.2.104

Trust: 1.0

vendor:ネットギアmodel:ex6150v2scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:br500scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:ex6250scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:ex6410scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:ex6400v2scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:ex6400scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:ex6420scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:br200scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:ex6100v2scope: - version: -

Trust: 0.8

vendor:ネットギアmodel:d7800scope: - version: -

Trust: 0.8

sources: ZDI: ZDI-21-264 // CNVD: CNVD-2021-14775 // JVNDB: JVNDB-2021-004503 // NVD: CVE-2021-27257

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27257
value: MEDIUM

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2021-27257
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-27257
value: MEDIUM

Trust: 0.8

ZDI: CVE-2021-27257
value: MEDIUM

Trust: 0.7

CNVD: CNVD-2021-14775
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202102-1752
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-27257
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-27257
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2021-14775
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:C/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2021-27257
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2021-27257
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

ZDI: CVE-2021-27257
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-264 // CNVD: CNVD-2021-14775 // VULMON: CVE-2021-27257 // JVNDB: JVNDB-2021-004503 // CNNVD: CNNVD-202102-1752 // NVD: CVE-2021-27257 // NVD: CVE-2021-27257

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.0

problemtype:Bad certificate verification (CWE-295) [ Other ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-004503 // NVD: CVE-2021-27257

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202102-1752

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-202102-1752

PATCH

title:Security Advisory for Multiple Vulnerabilities on Some Routers, Satellites, and Extendersurl:https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders

Trust: 1.5

title:Patch for NETGEAR remote code execution vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/251011

Trust: 0.6

title:NETGEAR Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142983

Trust: 0.6

sources: ZDI: ZDI-21-264 // CNVD: CNVD-2021-14775 // JVNDB: JVNDB-2021-004503 // CNNVD: CNNVD-202102-1752

EXTERNAL IDS

db:NVDid:CVE-2021-27257

Trust: 3.8

db:ZDIid:ZDI-21-264

Trust: 3.8

db:JVNDBid:JVNDB-2021-004503

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-12362

Trust: 0.7

db:CNVDid:CNVD-2021-14775

Trust: 0.6

db:CNNVDid:CNNVD-202102-1752

Trust: 0.6

db:VULMONid:CVE-2021-27257

Trust: 0.1

sources: ZDI: ZDI-21-264 // CNVD: CNVD-2021-14775 // VULMON: CVE-2021-27257 // JVNDB: JVNDB-2021-004503 // CNNVD: CNNVD-202102-1752 // NVD: CVE-2021-27257

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-264/

Trust: 3.8

url:https://kb.netgear.com/000062883/security-advisory-for-multiple-vulnerabilities-on-some-routers-satellites-and-extenders

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-27257

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/295.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-21-264 // CNVD: CNVD-2021-14775 // VULMON: CVE-2021-27257 // JVNDB: JVNDB-2021-004503 // CNNVD: CNNVD-202102-1752 // NVD: CVE-2021-27257

CREDITS

Team FLASHBACK: Pedro Ribeiro (@pedrib1337 | pedrib@gmail.com) + Radek Domanski (@RabbitPro)

Trust: 0.7

sources: ZDI: ZDI-21-264

SOURCES

db:ZDIid:ZDI-21-264
db:CNVDid:CNVD-2021-14775
db:VULMONid:CVE-2021-27257
db:JVNDBid:JVNDB-2021-004503
db:CNNVDid:CNNVD-202102-1752
db:NVDid:CVE-2021-27257

LAST UPDATE DATE

2024-11-23T22:54:53.310000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-264date:2021-06-29T00:00:00
db:CNVDid:CNVD-2021-14775date:2021-03-07T00:00:00
db:VULMONid:CVE-2021-27257date:2021-03-17T00:00:00
db:JVNDBid:JVNDB-2021-004503date:2021-11-24T03:20:00
db:CNNVDid:CNNVD-202102-1752date:2021-03-19T00:00:00
db:NVDid:CVE-2021-27257date:2024-11-21T05:57:42.320

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-264date:2021-02-26T00:00:00
db:CNVDid:CNVD-2021-14775date:2021-03-06T00:00:00
db:VULMONid:CVE-2021-27257date:2021-03-05T00:00:00
db:JVNDBid:JVNDB-2021-004503date:2021-11-24T00:00:00
db:CNNVDid:CNNVD-202102-1752date:2021-02-26T00:00:00
db:NVDid:CVE-2021-27257date:2021-03-05T20:15:12.660