CVE-2021-45503

Vulnerability

An authentication bypass vulnerability exists in several NETGEAR WiFi system models, including CBR750, RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850. The flaw affects firmware versions prior to 4.6.3.6 (CBR750) or 3.2.17.12 (all other listed models) [1]. The exact mechanism is not detailed in the advisory, but it allows an attacker to bypass the authentication mechanism of the device's management interface.

Exploitation

An unauthenticated attacker can exploit this vulnerability remotely over the network without requiring any credentials or user interaction. The advisory does not specify a complex sequence of steps; however, as it is a remote authentication bypass, the attacker would likely send specially crafted requests to the affected device's web interface or administrative API [1].

Impact

Successful exploitation grants the attacker administrative access to the affected device. This could lead to full compromise of the WiFi system, including the ability to modify configuration, intercept or redirect network traffic, and potentially pivot to other devices on the network. The CVSS score of 9.6 (Critical) reflects the high severity of this remote authentication bypass [1].

Mitigation

NETGEAR has released fixed firmware versions for all affected models: 4.6.3.6 for CBR750 and 3.2.17.12 for the Orbi devices (RBK752, RBR750, RBS750, RBK852, RBR850, RBS850). Users should download and install the latest firmware from NETGEAR Support as soon as possible. No workarounds are mentioned, and these devices are not listed as End-of-Life [1].