Vulnerability Details : CVE-2021-38513
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.
Products affected by CVE-2021-38513
- cpe:2.3:o:netgear:rbr850_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk852_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbs850_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbk752_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbr750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:rbs750_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:cbr40_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:mr60_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:ms60_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:eax20_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:mk62_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-38513
- EPSS score: 0.31% (probability of exploitation activity in the next 30 days)
- Percentile: ~70% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2021-38513
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
9.6 | CRITICAL | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L | 2.8 | 6.0 | MITRE | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
References for CVE-2021-38513
- https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008
  Security Advisory for Authentication Bypass on Some Extenders and WiFi Systems, PSV-2020-0008 | Answer | NETGEAR Support (Vendor Advisory)