VYPR
Unrated severity · NVD Advisory · Published Dec 26, 2021 · Updated Aug 4, 2024

CVE-2021-45587

Description

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An authenticated command injection vulnerability in several NETGEAR WiFi system models allows attackers to execute arbitrary commands.

Vulnerability

A post-authentication command injection vulnerability exists in the web management interface of affected NETGEAR WiFi system models. The bug resides in the firmware of RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850. All devices running firmware versions prior to 3.2.16.6 are affected [1]. An attacker must have valid administrative credentials to reach the vulnerable code path.

Exploitation

An authenticated attacker can exploit this vulnerability by sending specially crafted HTTP requests to the management interface of the router or satellite. The attacker does not require physical access but must be on the same local network (adjacent) or have network access to the device's management web server. The CVSS vector indicates low attack complexity and low privileges required (authenticated as admin) [1]. The specific injection point has not been publicly detailed; it is known only that it is reached after successful authentication.

Impact

Successful exploitation allows the attacker to inject and execute arbitrary operating system commands on the device with root privileges. This grants complete control over the affected WiFi system, enabling actions such as altering network traffic, exfiltrating data, installing persistent malware, or disrupting network services [1].

Mitigation

NETGEAR has released fixed firmware version 3.2.16.6 for all affected models. Affected users should download and install the latest firmware from the NETGEAR Support website as soon as possible [1]. No workaround is available; updating the firmware is the only mitigation.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

4

References

1
