ID
VAR-202108-1620
CVE
CVE-2021-38514
TITLE
Multiple Netgear Product Authorization Issue Vulnerability
Trust: 0.6
DESCRIPTION
Certain NETGEAR devices are affected by authentication bypass. This affects D3600 prior to 1.0.0.72, D6000 prior to 1.0.0.72, D6100 prior to 1.0.0.63, D6200 prior to 1.1.00.34, D6220 prior to 1.0.0.48, D6400 prior to 1.0.0.86, D7000 prior to 1.0.1.70, D7000v2 prior to 1.0.0.52, D7800 prior to 1.0.1.56, D8500 prior to 1.0.3.44, DC112A prior to 1.0.0.42, DGN2200v4 prior to 1.0.0.108, DGND2200Bv4 prior to 1.0.0.108, EX2700 prior to 1.0.1.48, EX3700 prior to 1.0.0.76, EX3800 prior to 1.0.0.76, EX6000 prior to 1.0.0.38, EX6100 prior to 1.0.2.24, EX6100v2 prior to 1.0.1.76, EX6120 prior to 1.0.0.42, EX6130 prior to 1.0.0.28, EX6150v1 prior to 1.0.0.42, EX6150v2 prior to 1.0.1.76, EX6200 prior to 1.0.3.88, EX6200v2 prior to 1.0.1.72, EX6400 prior to 1.0.2.136, EX7000 prior to 1.0.0.66, EX7300 prior to 1.0.2.136, EX8000 prior to 1.0.1.180, RBK50 prior to 2.1.4.10, RBR50 prior to 2.1.4.10, RBS50 prior to 2.1.4.10, RBK40 prior to 2.1.4.10, RBR40 prior to 2.1.4.10, RBS40 prior to 2.1.4.10, RBW30 prior to 2.2.1.204, PR2000 prior to 1.0.0.28, R6020 prior to 1.0.0.38, R6080 prior to 1.0.0.38, R6050 prior to 1.0.1.18, JR6150 prior to 1.0.1.18, R6120 prior to 1.0.0.46, R6220 prior to 1.1.0.86, R6250 prior to 1.0.4.34, R6300v2 prior to 1.0.4.32, R6400 prior to 1.0.1.44, R6400v2 prior to 1.0.2.62, R6700 prior to 1.0.1.48, R6700v2 prior to 1.2.0.36, R6800 prior to 1.2.0.36, R6900v2 prior to 1.2.0.36, R6900 prior to 1.0.1.48, R7000 prior to 1.0.9.34, R6900P prior to 1.3.1.64, R7000P prior to 1.3.1.64, R7100LG prior to 1.0.0.48, R7300DST prior to 1.0.0.70, R7500v2 prior to 1.0.3.38, R7800 prior to 1.0.2.52, R7900 prior to 1.0.3.8, R8000 prior to 1.0.4.28, R7900P prior to 1.4.1.30, R8000P prior to 1.4.1.30, R8300 prior to 1.0.2.128, R8500 prior to 1.0.2.128, R9000 prior to 1.0.3.10, RBS40V prior to 2.2.0.58, RBK50V prior to 2.2.0.58, WN2000RPTv3 prior to 1.0.1.32, WN2500RPv2 prior to 1.0.1.54, WN3000RPv3 prior to 1.0.2.78, WN3100RPv2 prior to 1.0.0.66, WNDR3400v3 prior to 1.0.1.22, WNDR3700v4 prior to 1.0.2.102, WNDR4300v1 prior to 1.0.2.104, WNDR4300v2 prior to 1.0.0.56, WNDR4500v3 prior to 1.0.0.56, WNR2000v5 (R2000) prior to 1.0.0.66, WNR2020 prior to 1.1.0.62, WNR2050 prior to 1.1.0.62, WNR3500Lv2 prior to 1.2.0.62, and XR500 prior to 2.3.2.22.
Trust: 0.1
AFFECTED PRODUCTS
| vendor: | netgear | model: | r6400 | scope: | lt | version: | 1.0.2.62 | Trust: 1.0 |
| vendor: | netgear | model: | wnr2020 | scope: | lt | version: | 1.1.0.62 | Trust: 1.0 |
| vendor: | netgear | model: | wndr4300 | scope: | lt | version: | 1.0.2.104 | Trust: 1.0 |
| vendor: | netgear | model: | rbw30 | scope: | lt | version: | 2.2.1.204 | Trust: 1.0 |
| vendor: | netgear | model: | d6220 | scope: | lt | version: | 1.0.0.48 | Trust: 1.0 |
| vendor: | netgear | model: | wn2500rp | scope: | lt | version: | 1.0.1.54 | Trust: 1.0 |
| vendor: | netgear | model: | wnr2000 | scope: | lt | version: | 1.0.0.66 | Trust: 1.0 |
| vendor: | netgear | model: | d7800 | scope: | lt | version: | 1.0.1.56 | Trust: 1.0 |
| vendor: | netgear | model: | ex6000 | scope: | lt | version: | 1.0.0.38 | Trust: 1.0 |
| vendor: | netgear | model: | r6120 | scope: | lt | version: | 1.0.0.46 | Trust: 1.0 |
| vendor: | netgear | model: | r6400 | scope: | lt | version: | 1.0.1.44 | Trust: 1.0 |
| vendor: | netgear | model: | ex2700 | scope: | lt | version: | 1.0.1.48 | Trust: 1.0 |
| vendor: | netgear | model: | r6800 | scope: | lt | version: | 1.2.0.36 | Trust: 1.0 |
| vendor: | netgear | model: | d7000 | scope: | lt | version: | 1.0.0.52 | Trust: 1.0 |
| vendor: | netgear | model: | wndr4500 | scope: | lt | version: | 1.0.0.56 | Trust: 1.0 |
| vendor: | netgear | model: | ex6200 | scope: | lt | version: | 1.0.1.72 | Trust: 1.0 |
| vendor: | netgear | model: | pr2000 | scope: | lt | version: | 1.0.0.28 | Trust: 1.0 |
| vendor: | netgear | model: | rbk40 | scope: | lt | version: | 2.1.4.10 | Trust: 1.0 |
| vendor: | netgear | model: | r6020 | scope: | lt | version: | 1.0.0.38 | Trust: 1.0 |
| vendor: | netgear | model: | wndr3700 | scope: | lt | version: | 1.0.2.102 | Trust: 1.0 |
| vendor: | netgear | model: | d3600 | scope: | lt | version: | 1.0.0.72 | Trust: 1.0 |
| vendor: | netgear | model: | ex6120 | scope: | lt | version: | 1.0.0.42 | Trust: 1.0 |
| vendor: | netgear | model: | wndr4300 | scope: | lt | version: | 1.0.0.56 | Trust: 1.0 |
| vendor: | netgear | model: | ex6130 | scope: | lt | version: | 1.0.0.28 | Trust: 1.0 |
| vendor: | netgear | model: | r7500 | scope: | lt | version: | 1.0.3.38 | Trust: 1.0 |
| vendor: | netgear | model: | ex8000 | scope: | lt | version: | 1.0.1.180 | Trust: 1.0 |
| vendor: | netgear | model: | r8000 | scope: | lt | version: | 1.0.4.28 | Trust: 1.0 |
| vendor: | netgear | model: | r6080 | scope: | lt | version: | 1.0.0.38 | Trust: 1.0 |
| vendor: | netgear | model: | d7000 | scope: | lt | version: | 1.0.1.70 | Trust: 1.0 |
| vendor: | netgear | model: | d6400 | scope: | lt | version: | 1.0.0.86 | Trust: 1.0 |
| vendor: | netgear | model: | r6220 | scope: | lt | version: | 1.1.0.86 | Trust: 1.0 |
| vendor: | netgear | model: | r6900p | scope: | lt | version: | 1.3.1.64 | Trust: 1.0 |
| vendor: | netgear | model: | wnr3500l | scope: | lt | version: | 1.2.0.62 | Trust: 1.0 |
| vendor: | netgear | model: | r8000p | scope: | lt | version: | 1.4.1.30 | Trust: 1.0 |
| vendor: | netgear | model: | r7300dst | scope: | lt | version: | 1.0.0.70 | Trust: 1.0 |
| vendor: | netgear | model: | d6100 | scope: | lt | version: | 1.0.0.63 | Trust: 1.0 |
| vendor: | netgear | model: | r6900 | scope: | lt | version: | 1.0.1.48 | Trust: 1.0 |
| vendor: | netgear | model: | d6200 | scope: | lt | version: | 1.1.00.34 | Trust: 1.0 |
| vendor: | netgear | model: | r6300 | scope: | lt | version: | 1.0.4.32 | Trust: 1.0 |
| vendor: | netgear | model: | r9000 | scope: | lt | version: | 1.0.3.10 | Trust: 1.0 |
| vendor: | netgear | model: | r8300 | scope: | lt | version: | 1.0.2.128 | Trust: 1.0 |
| vendor: | netgear | model: | ex6200 | scope: | lt | version: | 1.0.3.88 | Trust: 1.0 |
| vendor: | netgear | model: | r8500 | scope: | lt | version: | 1.0.2.128 | Trust: 1.0 |
| vendor: | netgear | model: | rbs40v | scope: | lt | version: | 2.2.0.58 | Trust: 1.0 |
| vendor: | netgear | model: | rbs40 | scope: | lt | version: | 2.1.4.10 | Trust: 1.0 |
| vendor: | netgear | model: | wn3100rp | scope: | lt | version: | 1.0.0.66 | Trust: 1.0 |
| vendor: | netgear | model: | jr6150 | scope: | lt | version: | 1.0.1.18 | Trust: 1.0 |
| vendor: | netgear | model: | r6900 | scope: | lt | version: | 1.2.0.36 | Trust: 1.0 |
| vendor: | netgear | model: | rbk50v | scope: | lt | version: | 2.2.0.58 | Trust: 1.0 |
| vendor: | netgear | model: | xr500 | scope: | lt | version: | 2.3.2.22 | Trust: 1.0 |
| vendor: | netgear | model: | ex3800 | scope: | lt | version: | 1.0.0.76 | Trust: 1.0 |
| vendor: | netgear | model: | rbr50 | scope: | lt | version: | 2.1.4.10 | Trust: 1.0 |
| vendor: | netgear | model: | dgnd2200b | scope: | lt | version: | 1.0.0.108 | Trust: 1.0 |
| vendor: | netgear | model: | rbr40 | scope: | lt | version: | 2.1.4.10 | Trust: 1.0 |
| vendor: | netgear | model: | ex6100 | scope: | lt | version: | 1.0.1.76 | Trust: 1.0 |
| vendor: | netgear | model: | r7000p | scope: | lt | version: | 1.3.1.64 | Trust: 1.0 |
| vendor: | netgear | model: | r7900 | scope: | lt | version: | 1.0.3.8 | Trust: 1.0 |
| vendor: | netgear | model: | r7000 | scope: | lt | version: | 1.0.9.34 | Trust: 1.0 |
| vendor: | netgear | model: | wnr2050 | scope: | lt | version: | 1.1.0.62 | Trust: 1.0 |
| vendor: | netgear | model: | ex6150 | scope: | lt | version: | 1.0.1.76 | Trust: 1.0 |
| vendor: | netgear | model: | rbs50 | scope: | lt | version: | 2.1.4.10 | Trust: 1.0 |
| vendor: | netgear | model: | ex3700 | scope: | lt | version: | 1.0.0.76 | Trust: 1.0 |
| vendor: | netgear | model: | r6700 | scope: | lt | version: | 1.0.1.48 | Trust: 1.0 |
| vendor: | netgear | model: | r6250 | scope: | lt | version: | 1.0.4.34 | Trust: 1.0 |
| vendor: | netgear | model: | dgn2200 | scope: | lt | version: | 1.0.0.108 | Trust: 1.0 |
| vendor: | netgear | model: | ex7000 | scope: | lt | version: | 1.0.0.66 | Trust: 1.0 |
| vendor: | netgear | model: | dc112a | scope: | lt | version: | 1.0.0.42 | Trust: 1.0 |
| vendor: | netgear | model: | r6700 | scope: | lt | version: | 1.2.0.36 | Trust: 1.0 |
| vendor: | netgear | model: | ex6150 | scope: | lt | version: | 1.0.0.42 | Trust: 1.0 |
| vendor: | netgear | model: | rbk50 | scope: | lt | version: | 2.1.4.10 | Trust: 1.0 |
| vendor: | netgear | model: | r6050 | scope: | lt | version: | 1.0.1.18 | Trust: 1.0 |
| vendor: | netgear | model: | r7100lg | scope: | lt | version: | 1.0.0.48 | Trust: 1.0 |
| vendor: | netgear | model: | r7800 | scope: | lt | version: | 1.0.2.52 | Trust: 1.0 |
| vendor: | netgear | model: | r7900p | scope: | lt | version: | 1.4.1.30 | Trust: 1.0 |
| vendor: | netgear | model: | ex6400 | scope: | lt | version: | 1.0.2.136 | Trust: 1.0 |
| vendor: | netgear | model: | d8500 | scope: | lt | version: | 1.0.3.44 | Trust: 1.0 |
| vendor: | netgear | model: | wndr3400 | scope: | lt | version: | 1.0.1.22 | Trust: 1.0 |
| vendor: | netgear | model: | d6000 | scope: | lt | version: | 1.0.0.72 | Trust: 1.0 |
| vendor: | netgear | model: | ex6100 | scope: | lt | version: | 1.0.2.24 | Trust: 1.0 |
| vendor: | netgear | model: | ex7300 | scope: | lt | version: | 1.0.2.136 | Trust: 1.0 |
| vendor: | netgear | model: | wn2000rpt | scope: | lt | version: | 1.0.1.32 | Trust: 1.0 |
| vendor: | netgear | model: | wn3000rp | scope: | lt | version: | 1.0.2.78 | Trust: 1.0 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
THREAT TYPE
remote
Trust: 0.6
TYPE
authorization issue
Trust: 0.6
PATCH
| title: | Multiple Netgear Product access control error vulnerability fixes | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=159356 | Trust: 0.6 |
| title: | CVE-2021-38514 | url: | https://github.com/AlAIAL90/CVE-2021-38514 | Trust: 0.1 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2021-38514 | Trust: 1.7 |
| db: | CNNVD | id: | CNNVD-202108-962 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2021-38514 | Trust: 0.1 |
REFERENCES
| url: | https://kb.netgear.com/000063757/security-advisory-for-authentication-bypass-on-some-routers-extenders-and-wifi-systems-psv-2017-2449 | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2021-38514 | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/287.html | Trust: 0.1 |
| url: | https://github.com/alaial90/cve-2021-38514 | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
SOURCES
| db: | VULMON | id: | CVE-2021-38514 |
| db: | CNNVD | id: | CNNVD-202108-962 |
| db: | NVD | id: | CVE-2021-38514 |
LAST UPDATE DATE
2024-08-14T15:17:07.828000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2021-38514 | date: | 2021-08-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-202108-962 | date: | 2022-07-14T00:00:00 |
| db: | NVD | id: | CVE-2021-38514 | date: | 2022-07-12T17:42:04.277 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2021-38514 | date: | 2021-08-11T00:00:00 |
| db: | CNNVD | id: | CNNVD-202108-962 | date: | 2021-08-10T00:00:00 |
| db: | NVD | id: | CVE-2021-38514 | date: | 2021-08-11T00:15:15.663 |