CVE-2021-45595

Vulnerability

A post-authentication command injection vulnerability exists in multiple NETGEAR WiFi system models. The flaw resides in the firmware of devices such as LBR20, RBS50Y, RBR10, RBR20, RBR40, RBR50, RBS10, RBS20, RBS40, RBS50, RBK12, RBK20, RBK40, and RBK50. Affected versions are LBR20 before 2.6.3.50 and all other listed models before 2.7.3.22. An attacker must first authenticate to the device's administrative interface to exploit this vulnerability [1].

Exploitation

To exploit the vulnerability, an attacker needs valid administrative credentials for the target NETGEAR device. Once authenticated, the attacker can inject arbitrary operating system commands through a vulnerable input field or parameter. The exact attack vector is not detailed in the advisory, but it is a command injection flaw that does not require any additional user interaction beyond authentication [1].

Impact

Successful exploitation allows an authenticated attacker to execute arbitrary commands on the device with root privileges. This can lead to full compromise of the device, including unauthorized access to network traffic, modification of device settings, and potential lateral movement within the network. The impact is severe as it grants complete control over the affected WiFi system [1].

Mitigation

NETGEAR has released firmware updates to fix this vulnerability. Users should upgrade LBR20 to version 2.6.3.50 or later, and all other affected models to version 2.7.3.22 or later. The firmware can be downloaded from NETGEAR Support. No workarounds are provided; updating to the latest firmware is the only mitigation [1].