Details of VAR-202103-1271

ID

VAR-202103-1271

CVE

CVE-2021-29068

TITLE

plural NETGEAR Classic buffer overflow vulnerability in device

Trust: 0.8

sources: JVNDB: JVNDB-2021-005326

DESCRIPTION

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before 1.0.11.106, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.26, R7850 before 1.0.5.60, R8000 before 1.0.4.58, RS400 before 1.5.0.48, R6400 before 1.0.1.62, R6700 before 1.0.2.16, R6900 before 1.0.2.16, MK60 before 1.0.5.102, MR60 before 1.0.5.102, MS60 before 1.0.5.102, CBR40 before 2.5.0.10, R8000P before 1.4.1.62, R7960P before 1.4.1.62, R7900P before 1.4.1.62, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RAX200 before 1.0.2.102, RAX45 before 1.0.2.64, RAX50 before 1.0.2.64, EX7500 before 1.0.0.68, EAX80 before 1.0.1.62, EAX20 before 1.0.0.36, RBK752 before 3.2.16.6, RBK753 before 3.2.16.6, RBK753S before 3.2.16.6, RBK754 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBK853 before 3.2.16.6, RBK854 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, RBR840 before 3.2.16.6, RBS840 before 3.2.16.6, R6120 before 1.0.0.70, R6220 before 1.1.0.100, R6230 before 1.1.0.100, R6260 before 1.1.0.76, R6850 before 1.1.0.76, R6350 before 1.1.0.76, R6330 before 1.1.0.76, D7800 before 1.0.1.58, RBK50 before 2.6.1.40, RBR50 before 2.6.1.40, RBS50 before 2.6.1.40, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK23 before 2.6.1.36, RBR20 before 2.6.1.38, RBS20 before 2.6.1.38, RBK12 before 2.6.1.44, RBK13 before 2.6.1.44, RBK14 before 2.6.1.44, RBK15 before 2.6.1.44, RBR10 before 2.6.1.44, RBS10 before 2.6.1.44, R6800 before 1.2.0.72, R6900v2 before 1.2.0.72, R6700v2 before 1.2.0.72, R7200 before 1.2.0.72, R7350 before 1.2.0.72, R7400 before 1.2.0.72, R7450 before 1.2.0.72, AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, R7800 before 1.0.2.74, R8900 before 1.0.5.24, R9000 before 1.0.5.24, RAX120 before 1.0.1.136, XR450 before 2.3.2.66, XR500 before 2.3.2.66, XR700 before 1.0.1.34, and XR300 before 1.0.3.50. plural NETGEAR A classic buffer overflow vulnerability exists in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. This affects R6700v3 prior to 1.0.4.98, R6400v2 prior to 1.0.4.98, R7000 prior to 1.0.11.106, R6900P prior to 1.3.2.124, R7000P prior to 1.3.2.124, R7900 prior to 1.0.4.26, R7850 prior to 1.0.5.60, R8000 prior to 1.0.4.58, RS400 prior to 1.5.0.48, R6400 prior to 1.0.1.62, R6700 prior to 1.0.2.16, R6900 prior to 1.0.2.16, MK60 prior to 1.0.5.102, MR60 prior to 1.0.5.102, MS60 prior to 1.0.5.102, CBR40 prior to 2.5.0.10, R8000P prior to 1.4.1.62, R7960P prior to 1.4.1.62, R7900P prior to 1.4.1.62, RAX15 prior to 1.0.1.64, RAX20 prior to 1.0.1.64, RAX75 prior to 1.0.3.102, RAX80 prior to 1.0.3.102, RAX200 prior to 1.0.2.102, RAX45 prior to 1.0.2.64, RAX50 prior to 1.0.2.64, EX7500 prior to 1.0.0.68, EAX80 prior to 1.0.1.62, EAX20 prior to 1.0.0.36, RBK752 prior to 3.2.16.6, RBK753 prior to 3.2.16.6, RBK753S prior to 3.2.16.6, RBK754 prior to 3.2.16.6, RBR750 prior to 3.2.16.6, RBS750 prior to 3.2.16.6, RBK852 prior to 3.2.16.6, RBK853 prior to 3.2.16.6, RBK854 prior to 3.2.16.6, RBR850 prior to 3.2.16.6, RBS850 prior to 3.2.16.6, RBR840 prior to 3.2.16.6, RBS840 prior to 3.2.16.6, R6120 prior to 1.0.0.70, R6220 prior to 1.1.0.100, R6230 prior to 1.1.0.100, R6260 prior to 1.1.0.76, R6850 prior to 1.1.0.76, R6350 prior to 1.1.0.76, R6330 prior to 1.1.0.76, D7800 prior to 1.0.1.58, RBK50 prior to 2.6.1.40, RBR50 prior to 2.6.1.40, RBS50 prior to 2.6.1.40, RBK40 prior to 2.6.1.36, RBR40 prior to 2.6.1.36, RBS40 prior to 2.6.1.38, RBK23 prior to 2.6.1.36, RBR20 prior to 2.6.1.38, RBS20 prior to 2.6.1.38, RBK12 prior to 2.6.1.44, RBK13 prior to 2.6.1.44, RBK14 prior to 2.6.1.44, RBK15 prior to 2.6.1.44, RBR10 prior to 2.6.1.44, RBS10 prior to 2.6.1.44, R6800 prior to 1.2.0.72, R6900v2 prior to 1.2.0.72, R6700v2 prior to 1.2.0.72, R7200 prior to 1.2.0.72, R7350 prior to 1.2.0.72, R7400 prior to 1.2.0.72, R7450 prior to 1.2.0.72, AC2100 prior to 1.2.0.72, AC2400 prior to 1.2.0.72, AC2600 prior to 1.2.0.72, R7800 prior to 1.0.2.74, R8900 prior to 1.0.5.24, R9000 prior to 1.0.5.24, RAX120 prior to 1.0.1.136, XR450 prior to 2.3.2.66, XR500 prior to 2.3.2.66, XR700 prior to 1.0.1.34, and XR300 prior to 1.0.3.50

Trust: 1.71

sources: NVD: CVE-2021-29068 // JVNDB: JVNDB-2021-005326 // VULMON: CVE-2021-29068

AFFECTED PRODUCTS

vendor:	netgear	model:	r6900	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	ms60	scope:	lt	version:	1.0.5.102	Trust: 1.0
vendor:	netgear	model:	rax200	scope:	lt	version:	1.0.2.102	Trust: 1.0
vendor:	netgear	model:	r7400	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	rbr50	scope:	lt	version:	2.6.1.40	Trust: 1.0
vendor:	netgear	model:	r6900	scope:	lt	version:	1.0.2.16	Trust: 1.0
vendor:	netgear	model:	r7350	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	rbs850	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	rbk50	scope:	lt	version:	2.6.1.40	Trust: 1.0
vendor:	netgear	model:	rbk12	scope:	lt	version:	2.6.1.44	Trust: 1.0
vendor:	netgear	model:	rbs750	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	rbr40	scope:	lt	version:	2.6.1.36	Trust: 1.0
vendor:	netgear	model:	rbs10	scope:	lt	version:	2.6.1.44	Trust: 1.0
vendor:	netgear	model:	rax120	scope:	lt	version:	1.0.1.136	Trust: 1.0
vendor:	netgear	model:	rax75	scope:	lt	version:	1.0.3.102	Trust: 1.0
vendor:	netgear	model:	r9000	scope:	lt	version:	1.0.5.24	Trust: 1.0
vendor:	netgear	model:	rbk854	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	eax80	scope:	lt	version:	1.0.1.62	Trust: 1.0
vendor:	netgear	model:	r7800	scope:	lt	version:	1.0.2.74	Trust: 1.0
vendor:	netgear	model:	r7900	scope:	lt	version:	1.0.4.26	Trust: 1.0
vendor:	netgear	model:	ac2100	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	rbk753	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	xr300	scope:	lt	version:	1.0.3.50	Trust: 1.0
vendor:	netgear	model:	d7800	scope:	lt	version:	1.0.1.58	Trust: 1.0
vendor:	netgear	model:	rax50	scope:	lt	version:	1.0.2.64	Trust: 1.0
vendor:	netgear	model:	rbr20	scope:	lt	version:	2.6.1.38	Trust: 1.0
vendor:	netgear	model:	r6260	scope:	lt	version:	1.1.0.76	Trust: 1.0
vendor:	netgear	model:	r8900	scope:	lt	version:	1.0.5.24	Trust: 1.0
vendor:	netgear	model:	rbk14	scope:	lt	version:	2.6.1.44	Trust: 1.0
vendor:	netgear	model:	r6120	scope:	lt	version:	1.0.0.70	Trust: 1.0
vendor:	netgear	model:	xr700	scope:	lt	version:	1.0.1.34	Trust: 1.0
vendor:	netgear	model:	ex7500	scope:	lt	version:	1.0.0.68	Trust: 1.0
vendor:	netgear	model:	rbk23	scope:	lt	version:	2.6.1.36	Trust: 1.0
vendor:	netgear	model:	xr500	scope:	lt	version:	2.3.2.66	Trust: 1.0
vendor:	netgear	model:	rbr840	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r7960p	scope:	lt	version:	1.4.1.62	Trust: 1.0
vendor:	netgear	model:	rbk15	scope:	lt	version:	2.6.1.44	Trust: 1.0
vendor:	netgear	model:	ac2600	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	rbs50	scope:	lt	version:	2.6.1.40	Trust: 1.0
vendor:	netgear	model:	rax20	scope:	lt	version:	1.0.1.64	Trust: 1.0
vendor:	netgear	model:	rbs20	scope:	lt	version:	2.6.1.38	Trust: 1.0
vendor:	netgear	model:	cbr40	scope:	lt	version:	2.5.0.10	Trust: 1.0
vendor:	netgear	model:	ac2400	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	rbr850	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r6220	scope:	lt	version:	1.0.0.70	Trust: 1.0
vendor:	netgear	model:	r6330	scope:	lt	version:	1.1.0.76	Trust: 1.0
vendor:	netgear	model:	rbk852	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r8000p	scope:	lt	version:	1.4.1.62	Trust: 1.0
vendor:	netgear	model:	rbk853	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r6900p	scope:	lt	version:	1.3.2.124	Trust: 1.0
vendor:	netgear	model:	r6800	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	xr450	scope:	lt	version:	2.3.2.66	Trust: 1.0
vendor:	netgear	model:	r6400	scope:	lt	version:	1.0.4.98	Trust: 1.0
vendor:	netgear	model:	rs400	scope:	lt	version:	1.5.0.48	Trust: 1.0
vendor:	netgear	model:	r6350	scope:	lt	version:	1.1.0.76	Trust: 1.0
vendor:	netgear	model:	r6700	scope:	lt	version:	1.0.4.98	Trust: 1.0
vendor:	netgear	model:	r7000	scope:	lt	version:	1.0.11.106	Trust: 1.0
vendor:	netgear	model:	rbk13	scope:	lt	version:	2.6.1.44	Trust: 1.0
vendor:	netgear	model:	r7850	scope:	lt	version:	1.0.5.60	Trust: 1.0
vendor:	netgear	model:	r6400	scope:	lt	version:	1.0.1.62	Trust: 1.0
vendor:	netgear	model:	mr60	scope:	lt	version:	1.0.5.102	Trust: 1.0
vendor:	netgear	model:	eax20	scope:	lt	version:	1.0.0.36	Trust: 1.0
vendor:	netgear	model:	rbk842	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	rbr750	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r7200	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	r6700	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	r8000	scope:	lt	version:	1.0.4.58	Trust: 1.0
vendor:	netgear	model:	rax80	scope:	lt	version:	1.0.3.102	Trust: 1.0
vendor:	netgear	model:	rbk754	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r6700	scope:	lt	version:	1.0.2.16	Trust: 1.0
vendor:	netgear	model:	rax45	scope:	lt	version:	1.0.2.64	Trust: 1.0
vendor:	netgear	model:	rbk753s	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r6230	scope:	lt	version:	1.0.0.70	Trust: 1.0
vendor:	netgear	model:	rbs40	scope:	lt	version:	2.6.1.38	Trust: 1.0
vendor:	netgear	model:	rax15	scope:	lt	version:	1.0.1.64	Trust: 1.0
vendor:	netgear	model:	rbk752	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r6850	scope:	lt	version:	1.1.0.76	Trust: 1.0
vendor:	netgear	model:	rbk40	scope:	lt	version:	2.6.1.36	Trust: 1.0
vendor:	netgear	model:	r7450	scope:	lt	version:	1.2.0.72	Trust: 1.0
vendor:	netgear	model:	rbs840	scope:	lt	version:	3.2.16.6	Trust: 1.0
vendor:	netgear	model:	r7900p	scope:	lt	version:	1.4.1.62	Trust: 1.0
vendor:	netgear	model:	r7000p	scope:	lt	version:	1.3.2.124	Trust: 1.0
vendor:	netgear	model:	mk60	scope:	lt	version:	1.0.5.102	Trust: 1.0
vendor:	netgear	model:	rbr10	scope:	lt	version:	2.6.1.44	Trust: 1.0
vendor:	ネットギア	model:	r6900p	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7000p	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7000	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7850	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6400	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7900	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r8000	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6700	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-005326 // NVD: CVE-2021-29068

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-29068
value:	HIGH
Trust: 1.0
cve@mitre.org:	CVE-2021-29068
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2021-29068
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202103-1360
value:	HIGH
Trust: 0.6
VULMON:	CVE-2021-29068
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-29068
severity:	MEDIUM
baseScore:	6.5
vectorString:	AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2021-29068
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
cve@mitre.org:	CVE-2021-29068
baseSeverity:	CRITICAL
baseScore:	9.9
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.1
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2021-29068
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2021-29068 // JVNDB: JVNDB-2021-005326 // CNNVD: CNNVD-202103-1360 // NVD: CVE-2021-29068 // NVD: CVE-2021-29068

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-005326 // NVD: CVE-2021-29068

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-1360

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202103-1360

PATCH

title:	Security Advisory for Post-Authentication Buffer Overflow on Some Routers, Extenders, and WiFi Systems , PSV-2020-0155	url:	https://kb.netgear.com/000063021/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0155	Trust: 0.8
title:	Netgear NETGEAR Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145681	Trust: 0.6

sources: JVNDB: JVNDB-2021-005326 // CNNVD: CNNVD-202103-1360

EXTERNAL IDS

db:	NVD	id:	CVE-2021-29068	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-005326	Trust: 0.8
db:	CNNVD	id:	CNNVD-202103-1360	Trust: 0.6
db:	VULMON	id:	CVE-2021-29068	Trust: 0.1

sources: VULMON: CVE-2021-29068 // JVNDB: JVNDB-2021-005326 // CNNVD: CNNVD-202103-1360 // NVD: CVE-2021-29068

REFERENCES

url:	https://kb.netgear.com/000063021/security-advisory-for-post-authentication-buffer-overflow-on-some-routers-extenders-and-wifi-systems-psv-2020-0155	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29068	Trust: 1.4
url:	https://cwe.mitre.org/data/definitions/120.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2021-29068 // JVNDB: JVNDB-2021-005326 // CNNVD: CNNVD-202103-1360 // NVD: CVE-2021-29068

SOURCES

db:	VULMON	id:	CVE-2021-29068
db:	JVNDB	id:	JVNDB-2021-005326
db:	CNNVD	id:	CNNVD-202103-1360
db:	NVD	id:	CVE-2021-29068

LAST UPDATE DATE

2024-11-23T23:04:04.570000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2021-29068	date:	2021-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-005326	date:	2021-12-13T01:53:00
db:	CNNVD	id:	CNNVD-202103-1360	date:	2021-03-30T00:00:00
db:	NVD	id:	CVE-2021-29068	date:	2024-11-21T06:00:38.353

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2021-29068	date:	2021-03-23T00:00:00
db:	JVNDB	id:	JVNDB-2021-005326	date:	2021-12-13T00:00:00
db:	CNNVD	id:	CNNVD-202103-1360	date:	2021-03-23T00:00:00
db:	NVD	id:	CVE-2021-29068	date:	2021-03-23T07:15:13.297