Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2021-33514

Published: 21/05/2021 Updated: 04/01/2022
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. This affects GC108P prior to 1.0.7.3, GC108PP prior to 1.0.7.3, GS108Tv3 prior to 7.0.6.3, GS110TPPv1 prior to 7.0.6.3, GS110TPv3 prior to 7.0.6.3, GS110TUPv1 prior to 1.0.4.3, GS710TUPv1 prior to 1.0.4.3, GS716TP prior to 1.0.2.3, GS716TPP prior to 1.0.2.3, GS724TPPv1 prior to 2.0.4.3, GS724TPv2 prior to 2.0.4.3, GS728TPPv2 prior to 6.0.6.3, GS728TPv2 prior to 6.0.6.3, GS752TPPv1 prior to 6.0.6.3, GS752TPv2 prior to 6.0.6.3, MS510TXM prior to 1.0.2.3, and MS510TXUP prior to 1.0.2.3.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

netgear gc108p firmware

netgear gc108pp firmware

netgear gs108t firmware

netgear gs110tpp firmware

netgear gs110tp firmware

netgear gs110tup firmware

netgear gs710tup firmware

netgear gs716tp firmware

netgear gs716tpp firmware

netgear gs724tpp firmware

netgear gs724tp firmware

netgear gs728tpp firmware

netgear gs728tp firmware

netgear gs752tpp firmware

netgear gs752tp firmware

netgear ms510txm firmware

netgear ms510txup firmware

References

CWE-78https://kb.netgear.com/000063641/Security-Advisory-for-Pre-Authentication-Command-Injection-Vulnerability-on-Some-Smart-Switches-PSV-2021-0071https://gynvael.coldwind.pl/?lang=en&id=733https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280CVE-2024-5346CVE-2024-30078CVE-2022-45803CVE-2024-36886SQLCVE-2024-24553IMAPmemory leak
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook