Details of VAR-202110-1759

ID

VAR-202110-1759

CVE

CVE-2021-34977

TITLE

NETGEAR R7000 Authentication vulnerabilities in routers

Trust: 0.8

sources: JVNDB: JVNDB-2021-017790

DESCRIPTION

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. Zero Day Initiative To this vulnerability ZDI-CAN-13483 Was numbering.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 2.79

sources: NVD: CVE-2021-34977 // JVNDB: JVNDB-2021-017790 // ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-06696

AFFECTED PRODUCTS

vendor:	netgear	model:	r7000	scope:	eq	version:	1.0.11.116_10.2.100	Trust: 1.0
vendor:	ネットギア	model:	r7000	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r7000	scope:	eq	version:	r7000 firmware 1.0.11.116_10.2.100	Trust: 0.8
vendor:	netgear	model:	r7000	scope:	-	version:	-	Trust: 0.7
vendor:	netgear	model:	r7000 1.0.11.116 10.2.100	scope:	-	version:	-	Trust: 0.6

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // NVD: CVE-2021-34977

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-34977
value:	HIGH
Trust: 1.0
zdi-disclosures@trendmicro.com:	CVE-2021-34977
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-34977
value:	HIGH
Trust: 0.8
ZDI:	CVE-2021-34977
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2022-06696
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202110-2084
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2021-34977
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-06696
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2021-34977
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2021-34977
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2021-34977
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084 // NVD: CVE-2021-34977 // NVD: CVE-2021-34977

PROBLEMTYPE DATA

problemtype:	CWE-288	Trust: 1.0
problemtype:	CWE-287	Trust: 1.0
problemtype:	Inappropriate authentication (CWE-287) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-017790 // NVD: CVE-2021-34977

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202110-2084

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202110-2084

PATCH

title:	Security Advisory for Authentication Bypass on Some Routers and DSL Modem Routers, PSV-2021-0134	url:	https://kb.netgear.com/000064046/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-and-DSL-Modem-Routers-PSV-2021-0134	Trust: 1.5
title:	Patch for NETGEAR R7000 Authorization Issue Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/316056	Trust: 0.6
title:	NETGEAR R7000 Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167764	Trust: 0.6

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084

EXTERNAL IDS

db:	NVD	id:	CVE-2021-34977	Trust: 4.5
db:	ZDI	id:	ZDI-21-1239	Trust: 3.7
db:	JVNDB	id:	JVNDB-2021-017790	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-13483	Trust: 0.7
db:	CNVD	id:	CNVD-2022-06696	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-2084	Trust: 0.6

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084 // NVD: CVE-2021-34977

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-21-1239/	Trust: 3.6
url:	https://kb.netgear.com/000064046/security-advisory-for-authentication-bypass-on-some-routers-and-dsl-modem-routers-psv-2021-0134	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34977	Trust: 1.4

sources: ZDI: ZDI-21-1239 // CNVD: CNVD-2022-06696 // JVNDB: JVNDB-2021-017790 // CNNVD: CNNVD-202110-2084 // NVD: CVE-2021-34977

CREDITS

Xinan Zhou (the University of California, Riverside and Fudan University)

Trust: 1.3

sources: ZDI: ZDI-21-1239 // CNNVD: CNNVD-202110-2084

SOURCES

db:	ZDI	id:	ZDI-21-1239
db:	CNVD	id:	CNVD-2022-06696
db:	JVNDB	id:	JVNDB-2021-017790
db:	CNNVD	id:	CNNVD-202110-2084
db:	NVD	id:	CVE-2021-34977

LAST UPDATE DATE

2024-08-14T15:22:04.231000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-1239	date:	2021-10-28T00:00:00
db:	CNVD	id:	CNVD-2022-06696	date:	2022-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2021-017790	date:	2023-02-08T06:45:00
db:	CNNVD	id:	CNNVD-202110-2084	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2021-34977	date:	2022-01-20T14:46:59.397

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-1239	date:	2021-10-28T00:00:00
db:	CNVD	id:	CNVD-2022-06696	date:	2022-01-25T00:00:00
db:	JVNDB	id:	JVNDB-2021-017790	date:	2023-02-08T00:00:00
db:	CNNVD	id:	CNNVD-202110-2084	date:	2021-10-28T00:00:00
db:	NVD	id:	CVE-2021-34977	date:	2022-01-13T22:15:12.610