Unrated severity · NVD Advisory · Published Dec 26, 2021 · Updated Aug 4, 2024

CVE-2021-45505

Description

Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An authentication bypass vulnerability in multiple NETGEAR WiFi system models allows unauthenticated attackers to gain administrative access.

Vulnerability

An authentication bypass vulnerability exists in the web management interface of multiple NETGEAR Orbi WiFi system models. The affected models are CBR750 before firmware version 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12 [1]. The bug allows an attacker to bypass authentication without any prior credentials or special conditions.

Exploitation

An attacker can exploit this vulnerability by sending specially crafted requests to the administrative interface of an affected device. No authentication, network proximity, or user interaction is required. The attacker only needs network access to the device's management interface, which is typically exposed on the LAN but may also be exposed to the WAN depending on network configuration [1].

Impact

Successful exploitation grants the attacker administrative control over the affected device. This can lead to full compromise of the WiFi system, including the ability to modify settings, intercept network traffic, or pivot to other devices on the network. The CVSS score of 9.6 (Critical) reflects the high severity due to the lack of authentication requirements and potential for complete system compromise [1].

Mitigation

NETGEAR released fixed firmware to address this vulnerability: version 4.6.3.6 for the CBR750, and version 3.2.17.12 for all other affected models (RBK752, RBR750, RBS750, RBK852, RBR850, RBS850) [1]. Users should upgrade to these or later versions immediately via the NETGEAR Support page. No workaround is available if the device cannot be updated. As of the publication date, this CVE is not listed on the CISA Known Exploited Vulnerabilities catalog.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
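
To act on the fixed versions listed under Mitigation, the following added example (not part of the advisory or any NETGEAR tooling) checks a device inventory against them. The inventory rows, host names, the `V` prefix and the `_1.4.14` suffix are constructed assumptions about how firmware strings might be recorded.

```python
import re

# Fixed firmware per model, taken from the advisory text above.
_ORBI = (3, 2, 17, 12)
FIXED = {"CBR750": (4, 6, 3, 6), "RBK752": _ORBI, "RBR750": _ORBI,
         "RBS750": _ORBI, "RBK852": _ORBI, "RBR850": _ORBI, "RBS850": _ORBI}

def parse_version(raw):
    """Return the leading dotted-numeric version as a tuple of ints, or None."""
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+)+)", raw or "")
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def status(model, firmware):
    """Classify one device against the advisory's fixed versions."""
    fixed = FIXED.get((model or "").strip().upper())
    if fixed is None:
        return "not-listed"          # model is not named in this advisory
    found = parse_version(firmware)
    if found is None:
        return "unknown-version"     # no usable version: review by hand
    width = max(len(found), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))
    # Tuples compare numerically per component: (3, 2, 9, 2) < (3, 2, 17, 12).
    # Comparing the strings "3.2.9.2" and "3.2.17.12" would get this wrong.
    return "vulnerable" if pad(found) < pad(fixed) else "patched"

def audit(inventory):
    """Map (host, model, firmware) rows to (host, verdict) pairs."""
    return [(host, status(model, fw)) for host, model, fw in inventory]

# Constructed sample inventory (hypothetical hosts and firmware strings).
SAMPLE = [
    ("orbi-lobby", "RBR750", "V3.2.9.2"),
    ("orbi-lab",   "RBR850", "V3.2.17.12_1.4.14"),
    ("cable-gw",   "cbr750", "4.6.3.4"),
    ("orbi-attic", "RBS850", "V4.6.14.3"),
    ("old-ap",     "R7000",  "1.0.11.100"),
    ("orbi-shed",  "RBK852", ""),
]

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE):
        print(f"{host:12} {verdict}")
```

Devices reported as `unknown-version` should be handled like `vulnerable` until their firmware version is confirmed.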

Affected products

3

References

1
