ID

VAR-202110-1759


CVE

CVE-2021-34977


TITLE

NETGEAR R7000  Authentication vulnerabilities in routers

Trust: 0.8

sources: JVNDB: JVNDB-2021-017790

DESCRIPTION

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. Zero Day Initiative To this vulnerability ZDI-CAN-13483 Was numbering.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 2.79

sources: NVD: CVE-2021-34977 // JVNDB: JVNDB-2021-017790 // ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2022-06696

AFFECTED PRODUCTS

vendor:netgearmodel:r7000scope:eqversion:1.0.11.116_10.2.100

Trust: 1.0

vendor:ネットギアmodel:r7000scope:eqversion: -

Trust: 0.8

vendor:ネットギアmodel:r7000scope:eqversion:r7000 firmware 1.0.11.116_10.2.100

Trust: 0.8

vendor:netgearmodel:r7000scope: - version: -

Trust: 0.7

vendor:netgearmodel:r7000 1.0.11.116 10.2.100scope: - version: -

Trust: 0.6

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // NVD: CVE-2021-34977

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34977
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2021-34977
value: HIGH

Trust: 1.0

NVD: CVE-2021-34977
value: HIGH

Trust: 0.8

ZDI: CVE-2021-34977
value: HIGH

Trust: 0.7

CNVD: CNVD-2022-06696
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202110-2084
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2021-34977
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2022-06696
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2021-34977
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2021-34977
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ZDI: CVE-2021-34977
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084 // NVD: CVE-2021-34977 // NVD: CVE-2021-34977

PROBLEMTYPE DATA

problemtype:CWE-288

Trust: 1.0

problemtype:CWE-287

Trust: 1.0

problemtype:Inappropriate authentication (CWE-287) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-017790 // NVD: CVE-2021-34977

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202110-2084

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202110-2084

PATCH

title:Security Advisory for Authentication Bypass on Some Routers and DSL Modem Routers, PSV-2021-0134url:https://kb.netgear.com/000064046/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-DSL-Modem-Routers-PSV-2021-0134

Trust: 1.5

title:Patch for NETGEAR R7000 Authorization Issue Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/316056

Trust: 0.6

title:NETGEAR R7000 Remediation measures for authorization problem vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167764

Trust: 0.6

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084

EXTERNAL IDS

db:NVDid:CVE-2021-34977

Trust: 4.5

db:ZDIid:ZDI-21-1239

Trust: 3.7

db:JVNDBid:JVNDB-2021-017790

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-13483

Trust: 0.7

db:CNVDid:CNVD-2022-06696

Trust: 0.6

db:CNNVDid:CNNVD-202110-2084

Trust: 0.6

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084 // NVD: CVE-2021-34977

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-1239/

Trust: 3.6

url:https://kb.netgear.com/000064046/security-advisory-for-authentication-bypass-on-some-routers-and-dsl-modem-routers-psv-2021-0134

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-34977

Trust: 1.4

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084 // NVD: CVE-2021-34977

CREDITS

Xinan Zhou (the University of California, Riverside and Fudan University)

Trust: 1.3

sources: ZDI: ZDI-21-1239 // CNNVD: CNNVD-202110-2084

SOURCES

db:ZDIid:ZDI-21-1239
db:CNVDid:CNVD-2022-06696
db:JVNDBid:JVNDB-2021-017790
db:CNNVDid:CNNVD-202110-2084
db:NVDid:CVE-2021-34977

LAST UPDATE DATE

2024-08-14T15:22:04.231000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-1239date:2021-10-28T00:00:00
db:CNVDid:CNVD-2022-06696date:2022-01-25T00:00:00
db:JVNDBid:JVNDB-2021-017790date:2023-02-08T06:45:00
db:CNNVDid:CNNVD-202110-2084date:2022-03-10T00:00:00
db:NVDid:CVE-2021-34977date:2022-01-20T14:46:59.397

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-1239date:2021-10-28T00:00:00
db:CNVDid:CNVD-2022-06696date:2022-01-25T00:00:00
db:JVNDBid:JVNDB-2021-017790date:2023-02-08T00:00:00
db:CNNVDid:CNNVD-202110-2084date:2021-10-28T00:00:00
db:NVDid:CVE-2021-34977date:2022-01-13T22:15:12.610