Vulnerability Details CVE-2022-27645
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15762.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 8.8
References
- https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325
- https://www.zerodayinitiative.com/advisories/ZDI-22-522/
- https://kb.netgear.com/000064722/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-and-Fixed-Wireless-Products-PSV-2021-0325
- https://www.zerodayinitiative.com/advisories/ZDI-22-522/
Products affected by CVE-2022-27645
-
cpe:2.3:h:netgear:lax20:-
-
cpe:2.3:h:netgear:r6400:v2
-
cpe:2.3:h:netgear:r6700:v3
-
cpe:2.3:h:netgear:r7000:-
-
cpe:2.3:h:netgear:r7850:-
-
cpe:2.3:h:netgear:r7900p:-
-
cpe:2.3:h:netgear:r7960p:-
-
cpe:2.3:h:netgear:r8000:-
-
cpe:2.3:h:netgear:r8000p:-
-
cpe:2.3:h:netgear:r8500:-
-
cpe:2.3:h:netgear:rax15:-
-
cpe:2.3:h:netgear:rax200:-
-
cpe:2.3:h:netgear:rax20:-
-
cpe:2.3:h:netgear:rax35:v2
-
cpe:2.3:h:netgear:rax38:v2
-
cpe:2.3:h:netgear:rax40:v2
-
cpe:2.3:h:netgear:rax42:-
-
cpe:2.3:h:netgear:rax43:-
-
cpe:2.3:h:netgear:rax45:-
-
cpe:2.3:h:netgear:rax48:-
-
cpe:2.3:h:netgear:rax50:-
-
cpe:2.3:h:netgear:rax50s:-
-
cpe:2.3:h:netgear:rax75:-
-
cpe:2.3:o:netgear:lax20_firmware:-
-
cpe:2.3:o:netgear:lax20_firmware:1.1.6.28
-
cpe:2.3:o:netgear:r6400_firmware:-
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.12
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.14
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.18
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.20
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.24
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.32
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.36
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.42
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.44
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.46
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.50
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.52
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.62
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.62_1.0.41
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.68
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.70
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.74
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.76
-
cpe:2.3:o:netgear:r6400_firmware:1.0.1.78
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.18
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.30
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.32
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.34
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.44
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.46
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.52
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.56
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.60
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.62
-
cpe:2.3:o:netgear:r6400_firmware:1.0.2.66
-
cpe:2.3:o:netgear:r6400_firmware:1.0.4.122
-
cpe:2.3:o:netgear:r6400_firmware:1.0.4.84
-
cpe:2.3:o:netgear:r6400_firmware:1.0.4.98
-
cpe:2.3:o:netgear:r6700_firmware:-
-
cpe:2.3:o:netgear:r6700_firmware:1.0.0.26
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.14
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.16
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.20
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.22
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.26
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.30
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.36
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.44
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.46
-
cpe:2.3:o:netgear:r6700_firmware:1.0.1.48
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.16
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.26
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.32
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.52
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.6
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.62
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.66
-
cpe:2.3:o:netgear:r6700_firmware:1.0.2.8
-
cpe:2.3:o:netgear:r6700_firmware:1.0.4.120
-
cpe:2.3:o:netgear:r6700_firmware:1.0.4.122
-
cpe:2.3:o:netgear:r6700_firmware:1.0.4.84
-
cpe:2.3:o:netgear:r6700_firmware:1.0.4.84_10.0.58
-
cpe:2.3:o:netgear:r6700_firmware:1.0.4.98
-
cpe:2.3:o:netgear:r7000_firmware:-
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.100
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.106
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.110
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.116
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.116_10.2.100
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.123
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.126
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.128
-
cpe:2.3:o:netgear:r7000_firmware:1.0.11.130
-
cpe:2.3:o:netgear:r7000_firmware:1.0.7.10
-
cpe:2.3:o:netgear:r7000_firmware:1.0.7.2_1.1.93
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.10
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.12
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.14
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.18
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.26
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.28
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.32
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.34
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.4
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.42
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.6
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.60
-
cpe:2.3:o:netgear:r7000_firmware:1.0.9.88
-
cpe:2.3:o:netgear:r7850_firmware:-
-
cpe:2.3:o:netgear:r7850_firmware:1.0.5.60
-
cpe:2.3:o:netgear:r7850_firmware:1.0.5.64
-
cpe:2.3:o:netgear:r7850_firmware:1.0.5.68
-
cpe:2.3:o:netgear:r7850_firmware:1.0.5.74
-
cpe:2.3:o:netgear:r7850_firmware:1.0.5.76
-
cpe:2.3:o:netgear:r7900p_firmware:-
-
cpe:2.3:o:netgear:r7900p_firmware:1.1.4.6
-
cpe:2.3:o:netgear:r7900p_firmware:1.1.5.14
-
cpe:2.3:o:netgear:r7900p_firmware:1.3.0.10
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.0.10
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.1.24
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.1.30
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.1.42
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.1.50
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.1.62
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.1.66
-
cpe:2.3:o:netgear:r7900p_firmware:1.4.2.84
-
cpe:2.3:o:netgear:r7960p_firmware:-
-
cpe:2.3:o:netgear:r7960p_firmware:1.4.1.44
-
cpe:2.3:o:netgear:r7960p_firmware:1.4.1.50
-
cpe:2.3:o:netgear:r7960p_firmware:1.4.1.62
-
cpe:2.3:o:netgear:r7960p_firmware:1.4.1.66
-
cpe:2.3:o:netgear:r7960p_firmware:1.4.2.84
-
cpe:2.3:o:netgear:r8000_firmware:-
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.22
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.24
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.26
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.32
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.36
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.44
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.46
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.48
-
cpe:2.3:o:netgear:r8000_firmware:1.0.3.54
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.12
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.18
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.2
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.28
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.28_10.1.54
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.4
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.46
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.4_1.1.42
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.52
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.56
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.58
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.62
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.66
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.68
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.74
-
cpe:2.3:o:netgear:r8000_firmware:1.0.4.76
-
cpe:2.3:o:netgear:r8000p_firmware:-
-
cpe:2.3:o:netgear:r8000p_firmware:1.1.4.6
-
cpe:2.3:o:netgear:r8000p_firmware:1.1.5.14
-
cpe:2.3:o:netgear:r8000p_firmware:1.3.0.10
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.0.10
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.1.24
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.1.30
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.1.42
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.1.50
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.1.62
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.1.66
-
cpe:2.3:o:netgear:r8000p_firmware:1.4.2.84
-
cpe:2.3:o:netgear:r8500_firmware:-
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.100
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.100_1.0.82
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.104
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.106
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.110
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.116
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.122
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.128
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.130
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.134
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.136
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.154
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.156
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.74
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.86
-
cpe:2.3:o:netgear:r8500_firmware:1.0.2.94
-
cpe:2.3:o:netgear:rax15_firmware:-
-
cpe:2.3:o:netgear:rax15_firmware:1.0.1.64
-
cpe:2.3:o:netgear:rax15_firmware:1.0.2.64
-
cpe:2.3:o:netgear:rax15_firmware:1.0.2.82
-
cpe:2.3:o:netgear:rax15_firmware:1.0.3.96
-
cpe:2.3:o:netgear:rax15_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax200_firmware:-
-
cpe:2.3:o:netgear:rax200_firmware:1.0.1.12
-
cpe:2.3:o:netgear:rax200_firmware:1.0.2.102
-
cpe:2.3:o:netgear:rax200_firmware:1.0.3.106
-
cpe:2.3:o:netgear:rax200_firmware:1.0.4.120
-
cpe:2.3:o:netgear:rax200_firmware:1.0.5.126
-
cpe:2.3:o:netgear:rax200_firmware:1.0.5.132
-
cpe:2.3:o:netgear:rax200_firmware:1.0.5.24
-
cpe:2.3:o:netgear:rax20_firmware:-
-
cpe:2.3:o:netgear:rax20_firmware:1.0.1.64
-
cpe:2.3:o:netgear:rax20_firmware:1.0.2.64
-
cpe:2.3:o:netgear:rax20_firmware:1.0.2.82
-
cpe:2.3:o:netgear:rax20_firmware:1.0.3.96
-
cpe:2.3:o:netgear:rax20_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax35_firmware:-
-
cpe:2.3:o:netgear:rax35_firmware:1.0.10.94
-
cpe:2.3:o:netgear:rax35_firmware:1.0.3.62
-
cpe:2.3:o:netgear:rax35_firmware:1.0.3.80
-
cpe:2.3:o:netgear:rax35_firmware:1.0.3.94
-
cpe:2.3:o:netgear:rax35_firmware:1.0.4.102
-
cpe:2.3:o:netgear:rax38_firmware:-
-
cpe:2.3:o:netgear:rax38_firmware:1.0.10.94
-
cpe:2.3:o:netgear:rax38_firmware:1.0.3.94
-
cpe:2.3:o:netgear:rax38_firmware:1.0.4.102
-
cpe:2.3:o:netgear:rax40_firmware:-
-
cpe:2.3:o:netgear:rax40_firmware:1.0.10.94
-
cpe:2.3:o:netgear:rax40_firmware:1.0.3.62
-
cpe:2.3:o:netgear:rax40_firmware:1.0.3.64
-
cpe:2.3:o:netgear:rax40_firmware:1.0.3.80
-
cpe:2.3:o:netgear:rax40_firmware:1.0.3.94
-
cpe:2.3:o:netgear:rax40_firmware:1.0.4.102
-
cpe:2.3:o:netgear:rax42_firmware:-
-
cpe:2.3:o:netgear:rax42_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax43_firmware:-
-
cpe:2.3:o:netgear:rax43_firmware:1.0.3.96
-
cpe:2.3:o:netgear:rax43_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax45_firmware:-
-
cpe:2.3:o:netgear:rax45_firmware:1.0.2.28
-
cpe:2.3:o:netgear:rax45_firmware:1.0.2.32
-
cpe:2.3:o:netgear:rax45_firmware:1.0.2.64
-
cpe:2.3:o:netgear:rax45_firmware:1.0.2.66
-
cpe:2.3:o:netgear:rax45_firmware:1.0.2.72
-
cpe:2.3:o:netgear:rax45_firmware:1.0.2.82
-
cpe:2.3:o:netgear:rax45_firmware:1.0.3.96
-
cpe:2.3:o:netgear:rax45_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax48_firmware:-
-
cpe:2.3:o:netgear:rax48_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax50_firmware:-
-
cpe:2.3:o:netgear:rax50_firmware:1.0.2.28
-
cpe:2.3:o:netgear:rax50_firmware:1.0.2.32
-
cpe:2.3:o:netgear:rax50_firmware:1.0.2.64
-
cpe:2.3:o:netgear:rax50_firmware:1.0.2.66
-
cpe:2.3:o:netgear:rax50_firmware:1.0.2.72
-
cpe:2.3:o:netgear:rax50_firmware:1.0.2.82
-
cpe:2.3:o:netgear:rax50_firmware:1.0.3.96
-
cpe:2.3:o:netgear:rax50_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax50s_firmware:-
-
cpe:2.3:o:netgear:rax50s_firmware:1.0.4.100
-
cpe:2.3:o:netgear:rax75_firmware:-
-
cpe:2.3:o:netgear:rax75_firmware:1.0.1.62
-
cpe:2.3:o:netgear:rax75_firmware:1.0.3.102
-
cpe:2.3:o:netgear:rax75_firmware:1.0.3.106
-
cpe:2.3:o:netgear:rax75_firmware:1.0.4.120
-
cpe:2.3:o:netgear:rax75_firmware:1.0.5.126
-
cpe:2.3:o:netgear:rax75_firmware:1.0.5.132