CVE-2021-45569
Description
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated command injection vulnerability in multiple NETGEAR WiFi system models; fixed in firmware 3.2.16.6.
Vulnerability
The vulnerability is a post-authentication command injection in multiple NETGEAR WiFi system models, including RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850 running firmware versions prior to 3.2.16.6. An authenticated user can exploit this flaw to execute arbitrary commands on the device [1].
Exploitation
An attacker with valid credentials can craft malicious input that, when processed by the vulnerable component, results in command injection. The exact attack vector is not disclosed in the advisory, but it requires authenticated access to the device [1].
Impact
Successful exploitation allows an authenticated attacker to execute arbitrary commands on the device, potentially leading to full compromise of the WiFi system, including access to sensitive information, modification of settings, or disruption of services [1].
Mitigation
NETGEAR has released firmware version 3.2.16.6 that fixes the vulnerability for all affected models. Users are strongly advised to download and install the latest firmware from NETGEAR Support as soon as possible [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- NETGEAR/devicesdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.