CVE-2021-45650
CRITICALNETGEAR R7000/R7900/R8000/RS400/R6400v2/R7000P/R6700v3/R6900P Firmware - Unauthorized Sensitive Information Exposure
Title source: llmDescription
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://kb.netgear.com/000064459/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2020-0117
Scores
CVSS v3
9.1
EPSS
0.0027
EPSS Percentile
50.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-200
Status
published
Products (8)
netgear/r6400v2_firmware
< 1.0.4.102
netgear/r6700v3_firmware
< 1.0.4.102
netgear/r6900p_firmware
< 1.3.2.126
netgear/r7000_firmware
< 1.0.11.110
netgear/r7000p_firmware
< 1.3.2.126
netgear/r7900_firmware
< 1.0.4.30
netgear/r8000_firmware
< 1.0.4.62
netgear/rs400_firmware
< 1.5.1.80
Published
Dec 26, 2021
Tracked Since
Feb 18, 2026