CVE-2021-27257

Description

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362.

Related CPE's

onetgearbr200_firmware********

hnetgearbr200-*******

onetgearbr500_firmware********

hnetgearbr500-*******

onetgeard7800_firmware********

hnetgeard7800-*******

onetgearex6100v2_firmware********

hnetgearex6100v2-*******

onetgearex6150v2_firmware********

hnetgearex6150v2-*******

References

N/A

Third Party AdvisoryVDB Entry

N/A

PatchVendor Advisory

CvssV3 impact

BaseSeverity

MEDIUM

ConfidentialityImpact

NONE

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

ADJACENT_NETWORK

AvailabilityImpact

NONE

IntegrityImpact

HIGH

PrivilegesRequired

NONE

BaseScore

6.5

VectorString

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

3.299999952316284

VectorString

AV:A/AC:L/Au:N/C:N/I:P/A:N

Version

2.0

AccessVector

ADJACENT_NETWORK

Authentication

NONE

Created by Yello
About Severity.io