How severe is CVE-2021-45613?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2021-45613?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2021-45613 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, MR80 before 1.1.2.20, MS80 before 1.1.2.20, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.

Related Vulnerabilities

CVE-2005-2773

CRITICAL

CVSS:9.8(Critical)

HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3)...

CWE-772005

CVE-2007-3010

CRITICAL

CVSS:9.8(Critical)

masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user...

CWE-772007

CVE-2008-7313

CRITICAL

CVSS:9.8(Critical)

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.

CWE-772008

CVE-2008-7315

CRITICAL

CVSS:9.8(Critical)

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.

CWE-772008

CVE-2008-7319

CRITICAL

CVSS:9.8(Critical)

The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters before use of backticks in External.pm, allowing ...

CWE-772008

CVE-2009-5156

CRITICAL

CVSS:9.8(Critical)

An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi-bin/script query string.

CWE-772009