CVE-2021-45563

Vulnerability

A post-authentication command injection vulnerability exists in certain NETGEAR WiFi system products. The affected models are RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 running firmware versions prior to 3.2.16.6 [1]. An authenticated user can inject arbitrary commands through a vulnerable input field.

Exploitation

An attacker must have valid authentication credentials to the device's management interface. No special network position beyond local network access is required, as the management interface is typically accessible only from the local LAN. The attacker sends crafted input that includes shell metacharacters, which are not properly sanitized, resulting in command execution [1].

Impact

Successful exploitation allows the authenticated attacker to execute arbitrary commands as a privileged user on the device. This can lead to full compromise of the WiFi system, including unauthorized access to configuration data, network traffic inspection, and further lateral movement within the network [1]. The CVSS v3.1 score is 8.4 (Medium severity) with a vector of AV:A/AC:L/... indicating high availability impact.

Mitigation

NETGEAR has released firmware version 3.2.16.6 to fix this vulnerability. All affected models should be updated to this version or later. The update can be obtained from NETGEAR Support page [1]. No workarounds are mentioned; the only mitigation is applying the firmware update. The advisory was first published on 2021-09-26 and the CVE published on 2021-12-26 [1]. This vulnerability is not listed on CISA's Known Exploited Vulnerabilities catalog (as of current knowledge).