CVE-2020-27861

Name: CVE-2020-27861
Creator: NVD / NIST
Published: 2021-02-12T00:15:12.5+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 2.03%

Last modified Jun 17, 2026

CVE-2020-27861 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. EPSS estimates a 2.03% chance of exploitation in the next 30 days.

Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UA_Parser utility. A crafted Host Name option in a DHCP request can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11076.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

2.03%

78.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Netgear	Cbk40 Firmware	< 2.6.1.38
Netgear	Cbk43 Firmware	< 2.6.1.38
Netgear	Cbr40 Firmware	< 2.6.1.38
Netgear	Ex6200 Firmware	< 1.0.1.82
Netgear	Ex7700 Firmware	< 1.0.0.210
Netgear	Ex8000 Firmware	< 1.0.1.224
Netgear	Rbk12 Firmware	< 2.6.1.44
Netgear	Rbk13 Firmware	< 2.6.1.44
Netgear	Rbk14 Firmware	< 2.6.1.44
Netgear	Rbk15 Firmware	< 2.6.1.44
Netgear	Rbr10 Firmware	< 2.6.1.44
Netgear	Rbs10 Firmware	< 2.6.1.44
Netgear	Rbk20w Firmware	< 2.6.1.36
Netgear	Rbk23w Firmware	< 2.6.1.36
Netgear	Rbk20 Router Firmware	< 2.6.1.36
Netgear	Rbk20 Satellite Firmware	< 2.6.1.38
Netgear	Rbk22 Router Firmware	< 2.6.1.36
Netgear	Rbk22 Satellite Firmware	< 2.6.1.38
Netgear	Rbk23 Router Firmware	< 2.6.1.36
Netgear	Rbk23 Satellite Firmware	< 2.6.1.38
Netgear	Rbr20 Firmware	< 2.6.1.36
Netgear	Rbs20 Firmware	< 2.6.1.38
Netgear	Rbk30 Firmware	< 2.6.1.36
Netgear	Rbk33 Firmware	< 2.6.1.36
Netgear	Rbk40 Router Firmware	< 2.6.1.36
Netgear	Rbk40 Satellite Firmware	< 2.6.1.38
Netgear	Rbk43 Router Firmware	< 2.6.1.36
Netgear	Rbk43 Satellite Firmware	< 2.6.1.38
Netgear	Rbk43s Router Firmware	< 2.6.1.36
Netgear	Rbk43s Satellite Firmware	< 2.6.1.38
Netgear	Rbk44 Router Firmware	< 2.6.1.36
Netgear	Rbk44 Satellite Firmware	< 2.6.1.38
Netgear	Rbr40 Firmware	< 2.6.1.36
Netgear	Rbs40 Firmware	< 2.6.1.38
Netgear	Rbk50 Firmware	< 2.6.1.40
Netgear	Rbk50v Firmware	< 2.6.1.40
Netgear	Rbk52w Firmware	< 2.6.1.40
Netgear	Rbr50 Firmware	< 2.6.1.40
Netgear	Rbs50 Firmware	< 2.6.1.40

References

https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-SystemsVendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1430/Third Party Advisory, VDB Entry
https://kb.netgear.com/000062507/Security-Advisory-for-Unauthenticated-Command-Injection-Vulnerability-on-Some-Extenders-and-Orbi-WiFi-SystemsVendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-20-1430/Third Party Advisory, VDB Entry

Timeline

Published: Feb 12, 2021
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2020-27861?

How severe is CVE-2020-27861?

CVE-2020-27861 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 2.03% probability of exploitation in the next 30 days.

How do I fix CVE-2020-27861?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-27861?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST