Unrated severityNVD Advisory· Published Dec 26, 2021· Updated Aug 4, 2024

CVE-2021-45502

Description

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authentication bypass in multiple NETGEAR WiFi systems allows unauthenticated attackers to gain admin access.

Vulnerability

An authentication bypass vulnerability exists in several NETGEAR WiFi system models. Affected devices include CBR750 before firmware 4.6.3.6, and RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 before firmware 3.2.17.12 [1]. The vulnerability allows an attacker to bypass authentication mechanisms, potentially gaining unauthorized access to the device's administrative interface.

Exploitation

An unauthenticated attacker on the local network can exploit this vulnerability by sending specially crafted network requests to the affected device. No user interaction is required. The advisory does not provide specific exploitation steps, but the attack vector is likely remote (LAN) and does not require authentication [1].

Impact

Successful exploitation allows an attacker to bypass authentication and gain full administrative control over the device. This could lead to information disclosure, modification of device settings, or denial of service [1].

Mitigation

NETGEAR has released firmware updates to address this vulnerability: CBR750 should be updated to version 4.6.3.6, and all other affected models (RBK752, RBR750, RBS750, RBK852, RBR850, RBS850) should be updated to version 3.2.17.12 [1]. Users are strongly advised to download and install the latest firmware from NETGEAR Support. No workarounds have been provided [1].

References

Security Advisory for Authentication Bypass on Some WiFi Systems, PSV-2020-0473

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Netgear/RBK752llm-fuzzy
Range: <3.2.17.12
Netgear/RBK852llm-fuzzy
Range: <3.2.17.12
Netgear/CBR750llm-fuzzy
Range: <4.6.3.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kb.netgear.com/000064126/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0473mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000