CVE-2021-45648
LOWNETGEAR Multiple Models - Exposure of Sensitive Information
Title source: llmDescription
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EX6100v2 before 1.0.1.106, EX6150v2 before 1.0.1.106, EX6250 before 1.0.0.146, EX6400 before 1.0.2.164, EX6400v2 before 1.0.0.146, EX6410 before 1.0.0.146, EX6420 before 1.0.0.146, EX7300 before 1.0.2.164, EX7300v2 before 1.0.0.146, EX7320 before 1.0.0.146, EX7700 before 1.0.0.222, LBR1020 before 2.6.5.16, LBR20 before 2.6.5.2, RBK352 before 4.3.4.7, RBK50 before 2.7.3.22, RBR350 before 4.3.4.7, RBR50 before 2.7.3.22, and RBS350 before 4.3.4.7.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://kb.netgear.com/000064494/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0453
Scores
CVSS v3
3.1
EPSS
0.0031
EPSS Percentile
54.0%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (18)
netgear/ex6100v2_firmware
< 1.0.1.106
netgear/ex6150v2_firmware
< 1.0.1.106
netgear/ex6250_firmware
< 1.0.0.146
netgear/ex6400_firmware
< 1.0.2.164
netgear/ex6400v2_firmware
< 1.0.0.146
netgear/ex6410_firmware
< 1.0.0.146
netgear/ex6420_firmware
< 1.0.0.146
netgear/ex7300_firmware
< 1.0.2.164
netgear/ex7300v2_firmware
< 1.0.0.146
netgear/ex7320_firmware
< 1.0.0.146
... and 8 more
Published
Dec 26, 2021
Tracked Since
Feb 18, 2026