Description
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, RBK752 before 3.2.10.10, RBR750 before 3.2.10.10, and RBS750 before 3.2.10.10.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://kb.netgear.com/000063777/Security-Advisory-for-Authentication-Bypass-on-Some-Extenders-and-WiFi-Systems-PSV-2020-0008
Scores
CVSS v3
9.6
EPSS
0.0032
EPSS Percentile
54.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Details
Status
published
Products (11)
netgear/cbr40_firmware
< 2.5.0.10
netgear/eax20_firmware
< 1.0.0.48
netgear/mk62_firmware
< 1.0.6.110
netgear/mr60_firmware
< 1.0.6.110
netgear/ms60_firmware
< 1.0.6.110
netgear/rbk752_firmware
< 3.2.10.10
netgear/rbk852_firmware
< 3.2.10.11
netgear/rbr750_firmware
< 3.2.10.10
netgear/rbr850_firmware
< 3.2.10.11
netgear/rbs750_firmware
< 3.2.10.10
... and 1 more
Published
Aug 11, 2021
Tracked Since
Feb 18, 2026