CVE-2021-27256

HIGH | CVSS 8.8/10 | EPSS 0.87%

CVE-2021-27256 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. EPSS estimates a 0.87% chance of exploitation in the next 30 days.

Description

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.

Metrics

CVSS 3.1
8.8/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.87%

54.1th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor    Product              Versions
Netgear   Br200 Firmware       < 5.10.0.5
Netgear   Br500 Firmware       < 5.10.0.5
Netgear   D7800 Firmware       < 1.0.1.60
Netgear   Ex6100v2 Firmware    < 1.0.1.98
Netgear   Ex6150v2 Firmware    < 1.0.1.98
Netgear   Ex6250 Firmware      < 1.0.0.134
Netgear   Ex6400 Firmware      < 1.0.2.158
Netgear   Ex6400v2 Firmware    < 1.0.0.134
Netgear   Ex6410 Firmware      < 1.0.0.134
Netgear   Ex6420 Firmware      < 1.0.0.134
Netgear   Ex7300 Firmware      < 1.0.2.158
Netgear   Ex7300v2 Firmware    < 1.0.0.134
Netgear   Ex7320 Firmware      < 1.0.0.134
Netgear   Ex7700 Firmware      < 1.0.0.216
Netgear   Ex8000 Firmware      < 1.0.1.232
Netgear   Lbr20 Firmware       < 2.6.3.50
Netgear   R7800 Firmware       < 1.0.2.80
Netgear   R8900 Firmware       < 1.0.5.28
Netgear   R9000 Firmware       < 1.0.5.28
Netgear   Rbk12 Firmware       < 2.7.2.104
Netgear   Rbk13 Firmware       < 2.7.2.104
Netgear   Rbk14 Firmware       < 2.7.2.104
Netgear   Rbk15 Firmware       < 2.7.2.104
Netgear   Rbk20 Firmware       < 2.6.2.104
Netgear   Rbk23 Firmware       < 2.7.2.104
Netgear   Rbk40 Firmware       < 2.6.2.104
Netgear   Rbk43 Firmware       < 2.6.2.104
Netgear   Rbk43s Firmware      < 2.6.2.104
Netgear   Rbk44 Firmware       < 2.6.2.104
Netgear   Rbk50 Firmware       < 2.7.2.104
Netgear   Rbk53 Firmware       < 2.7.2.104
Netgear   Rbr10 Firmware       < 2.6.2.104
Netgear   Rbr20 Firmware       < 2.6.2.104
Netgear   Rbr40 Firmware       < 2.6.2.104
Netgear   Rbr50 Firmware       < 2.7.2.104
Netgear   Rbs10 Firmware       < 2.6.2.104
Netgear   Rbs20 Firmware       < 2.6.2.104
Netgear   Rbs40 Firmware       < 2.6.2.104
Netgear   Rbs50 Firmware       < 2.7.2.104
Netgear   Rbs50y Firmware      < 2.6.2.104
Netgear   Xr450 Firmware       < 2.3.2.114
Netgear   Xr500 Firmware       < 2.3.2.114
Netgear   Xr700 Firmware       < 1.0.1.38

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-27256?
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_save.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12355.
How severe is CVE-2021-27256?
CVE-2021-27256 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 0.87% probability of exploitation in the next 30 days.
How do I fix CVE-2021-27256?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST