Vulnerability Details CVE-2021-38528
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6900P before 1.3.2.132, R7000P before 1.3.2.132, R7100LG before 1.0.0.64, WNDR3400v3 before 1.0.1.38, and XR300 before 1.0.3.56.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.029
EPSS Ranking 85.9%
CVSS Severity
CVSS v3 Score 9.6
CVSS v2 Score 10.0
References
Products affected by CVE-2021-38528
-
cpe:2.3:h:netgear:d8500:-
-
cpe:2.3:h:netgear:r6900p:-
-
cpe:2.3:h:netgear:r7000p:-
-
cpe:2.3:h:netgear:r7100lg:-
-
cpe:2.3:h:netgear:wndr3400:v3
-
cpe:2.3:h:netgear:xr300:-
-
cpe:2.3:o:netgear:d8500_firmware:-
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.27
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.28
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.29
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.35
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.36
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.39
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.42
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.43
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.44
-
cpe:2.3:o:netgear:d8500_firmware:1.0.3.50
-
cpe:2.3:o:netgear:r6900p_firmware:-
-
cpe:2.3:o:netgear:r6900p_firmware:1.0.0.56
-
cpe:2.3:o:netgear:r6900p_firmware:1.0.0.58
-
cpe:2.3:o:netgear:r6900p_firmware:1.0.0.62
-
cpe:2.3:o:netgear:r6900p_firmware:1.0.1.16
-
cpe:2.3:o:netgear:r6900p_firmware:1.2.0.22
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.0.18
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.0.20
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.0.8
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.1.26
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.1.44
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.1.64
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.2.124
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.2.126
-
cpe:2.3:o:netgear:r6900p_firmware:1.3.2.34
-
cpe:2.3:o:netgear:r7000p_firmware:-
-
cpe:2.3:o:netgear:r7000p_firmware:1.0.0.56
-
cpe:2.3:o:netgear:r7000p_firmware:1.0.0.58
-
cpe:2.3:o:netgear:r7000p_firmware:1.0.0.62
-
cpe:2.3:o:netgear:r7000p_firmware:1.0.0.86
-
cpe:2.3:o:netgear:r7000p_firmware:1.0.1.16
-
cpe:2.3:o:netgear:r7000p_firmware:1.2.0.22
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.0.18
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.0.20
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.0.8
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.1.26
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.1.44
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.1.64
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.2.124
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.2.126
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.2.126_10.1.66
-
cpe:2.3:o:netgear:r7000p_firmware:1.3.2.34
-
cpe:2.3:o:netgear:r7100lg_firmware:-
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.28
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.30
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.32
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.34
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.40
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.42
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.46
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.48
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.50
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.52
-
cpe:2.3:o:netgear:r7100lg_firmware:1.0.0.56
-
cpe:2.3:o:netgear:wndr3400_firmware:-
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.12
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.14
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.16
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.18
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.22
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.24
-
cpe:2.3:o:netgear:wndr3400_firmware:1.0.1.8
-
cpe:2.3:o:netgear:xr300_firmware:-
-
cpe:2.3:o:netgear:xr300_firmware:1.0.1.4
-
cpe:2.3:o:netgear:xr300_firmware:1.0.2.18
-
cpe:2.3:o:netgear:xr300_firmware:1.0.2.24
-
cpe:2.3:o:netgear:xr300_firmware:1.0.3.26
-
cpe:2.3:o:netgear:xr300_firmware:1.0.3.34
-
cpe:2.3:o:netgear:xr300_firmware:1.0.3.38
-
cpe:2.3:o:netgear:xr300_firmware:1.0.3.50
-
cpe:2.3:o:netgear:xr300_firmware:1.0.3.50_10.3.36