Vulnerability Details : CVE-2021-38531
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, and AC2400 before 1.2.0.76.
Exploit prediction scoring system (EPSS) score for CVE-2021-38531
Probability of exploitation activity in the next 30 days: 0.10%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 42 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2021-38531
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
[email protected] |
|
4.7
|
MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N |
0.5
|
4.2
|
[email protected] |
|
7.2
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
[email protected] |
References for CVE-2021-38531
Products affected by CVE-2021-38531
- cpe:2.3:o:netgear:r6700_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6900_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:d6200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:d7000_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6020_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6080_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6120_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r6260_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:r7450_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:ac2100_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:netgear:ac2400_firmware:*:*:*:*:*:*:*:*