CVE-2021-38518
Summary
| CVE | CVE-2021-38518 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-08-11 00:15:00 UTC |
| Updated | 2021-08-18 19:37:00 UTC |
| Description | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. |
Risk And Classification
Problem Types: CWE-77
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netgear | Rax200 | - | All | All | All |
| Operating System | Netgear | Rax200 Firmware | All | All | All | All |
| Hardware | Netgear | Rax75 | - | All | All | All |
| Operating System | Netgear | Rax75 Firmware | All | All | All | All |
| Hardware | Netgear | Rax80 | - | All | All | All |
| Operating System | Netgear | Rax80 Firmware | All | All | All | All |
| Hardware | Netgear | Rbk852 | - | All | All | All |
| Operating System | Netgear | Rbk852 Firmware | All | All | All | All |
| Hardware | Netgear | Rbr850 | - | All | All | All |
| Operating System | Netgear | Rbr850 Firmware | All | All | All | All |
| Hardware | Netgear | Rbs850 | - | All | All | All |
| Operating System | Netgear | Rbs850 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory for Post-Authentication Command Injection on Some Routers and WiFi Systems, PSV-2020-0528 | Answer | NETGEAR Support | MISC | kb.netgear.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.