Unrated severityNVD Advisory· Published Dec 26, 2021· Updated Aug 4, 2024

CVE-2021-45509

Description

Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authentication bypass vulnerability in multiple NETGEAR WiFi systems allows remote attackers to gain administrative access without credentials, affecting firmware versions before 2.5.0.24 or 3.2.17.12.

Vulnerability

An authentication bypass vulnerability exists in multiple NETGEAR WiFi system models. The issue affects firmware versions: CBR40 prior to 2.5.0.24, and RBK752, RBR750, RBS750, RBK852, RBR850, RBS850 prior to 3.2.17.12 [1]. The vulnerability can be exploited remotely by an unauthenticated attacker.

Exploitation

An attacker can exploit this authentication bypass remotely by sending specially crafted requests to the device's management interface. No prior authentication or user interaction is required. The specific technical details of the exploit are not publicly disclosed in the advisory [1].

Impact

Successful exploitation grants the attacker full administrative access to the affected WiFi system. This can lead to unauthorized control over network settings, exposure of sensitive information including Wi-Fi passwords, and potential further compromise of connected devices.

Mitigation

NETGEAR has released fixed firmware versions: CBR40 firmware version 2.5.0.24, and firmware version 3.2.17.12 for RBK752, RBR750, RBS750, RBK852, RBR850, RBS850. Users should upgrade to the latest firmware as soon as possible via the NETGEAR support website [1]. No workarounds are provided.

References

Security Advisory for Authentication Bypass on Some WiFi Systems, PSV-2020-0564

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Netgear/CBR40llm-fuzzy
Range: <2.5.0.24
Netgear/RBK752llm-fuzzy
Range: <3.2.17.12
Netgear/RBR750llm-fuzzy
Range: <3.2.17.12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kb.netgear.com/000064148/Security-Advisory-for-Authentication-Bypass-on-Some-WiFi-Systems-PSV-2020-0564mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000