VYPR
Unrated severity · NVD Advisory · Published Dec 26, 2021 · Updated Aug 4, 2024

CVE-2021-45614

Description

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 before 1.0.4.120, RAX45 before 1.0.3.96, RAX50 before 1.0.3.96, RAX43 before 1.0.3.96, RAX40v2 before 1.0.3.96, RAX35v2 before 1.0.3.96, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and XR1000 before 1.0.0.58.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Pre-authentication command injection in multiple NETGEAR routers and WiFi systems allows unauthenticated remote attackers to execute arbitrary commands.

Vulnerability

A command injection vulnerability exists in multiple NETGEAR devices prior to specific firmware versions. An unauthenticated attacker can exploit this flaw by sending a specially crafted request to the affected device, resulting in arbitrary command execution. Affected models include D7000v2 (before 1.0.0.74), LAX20 (before 1.1.6.28), MK62 (before 1.0.6.116), MR60 (before 1.0.6.116), MS60 (before 1.0.6.116), RAX15 (before 1.0.3.96), RAX20 (before 1.0.3.96), RAX200 (before 1.0.4.120), RAX45 (before 1.0.3.96), RAX50 (before 1.0.3.96), RAX43 (before 1.0.3.96), RAX40v2 (before 1.0.3.96), RAX35v2 (before 1.0.3.96), RAX75 (before 1.0.4.120), RAX80 (before 1.0.4.120), RBK752 (before 3.2.17.12), RBR750 (before 3.2.17.12), RBS750 (before 3.2.17.12), RBK852 (before 3.2.17.12), RBR850 (before 3.2.17.12), RBS850 (before 3.2.17.12), and XR1000 (before 1.0.0.58) [1].

Exploitation

An unauthenticated attacker with network access to the affected device can exploit this vulnerability by sending a crafted HTTP request to the web management interface. No authentication or user interaction is required. The injection occurs in a vulnerable parameter, allowing the attacker to inject arbitrary operating system commands [1].

Impact

Successful exploitation allows an unauthenticated attacker to execute arbitrary commands with root privileges on the device. This can lead to full compromise of the device, including unauthorized access to the network, data exfiltration, and potential use as a pivot point for further attacks [1].

Mitigation

NETGEAR has released firmware updates for all affected models. Users should download and install the latest firmware from the NETGEAR Support website as soon as possible. The fixed versions are: D7000v2 1.0.0.74, LAX20 1.1.6.28, MK62 1.0.6.116, MR60 1.0.6.116, MS60 1.0.6.116, RAX15 1.0.3.96, RAX20 1.0.3.96, RAX200 1.0.4.120, RAX45 1.0.3.96, RAX50 1.0.3.96, RAX43 1.0.3.96, RAX40v2 1.0.3.96, RAX35v2 1.0.3.96, RAX75 1.0.4.120, RAX80 1.0.4.120, RBK752 3.2.17.12, RBR750 3.2.17.12, RBS750 3.2.17.12, RBK852 3.2.17.12, RBR850 3.2.17.12, RBS850 3.2.17.12, and XR1000 1.0.0.58 [1]. No workarounds are provided; updating firmware is the recommended mitigation.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
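To act on the fixed-version list above, the following added example (not part of the advisory or of any NETGEAR tooling) audits a device inventory against it. The version table is copied from this page; the inventory rows, the hostnames, and the tolerated `V` prefix and `_suffix` in firmware strings are assumptions made for illustration.

```python
import re

# Fixed firmware versions, copied from the advisory text for CVE-2021-45614.
FIXED = {
    "D7000v2": "1.0.0.74", "LAX20": "1.1.6.28", "MK62": "1.0.6.116",
    "MR60": "1.0.6.116", "MS60": "1.0.6.116", "RAX15": "1.0.3.96",
    "RAX20": "1.0.3.96", "RAX200": "1.0.4.120", "RAX45": "1.0.3.96",
    "RAX50": "1.0.3.96", "RAX43": "1.0.3.96", "RAX40v2": "1.0.3.96",
    "RAX35v2": "1.0.3.96", "RAX75": "1.0.4.120", "RAX80": "1.0.4.120",
    "RBK752": "3.2.17.12", "RBR750": "3.2.17.12", "RBS750": "3.2.17.12",
    "RBK852": "3.2.17.12", "RBR850": "3.2.17.12", "RBS850": "3.2.17.12",
    "XR1000": "1.0.0.58",
}
_BY_UPPER = {m.upper(): m for m in FIXED}  # case-insensitive model lookup

def parse_version(text):
    """Leading dotted version as a tuple of ints, or None if unparseable.
    Assumed format: optional 'V' prefix, anything after '_' is ignored."""
    m = re.match(r"\s*[Vv]?(\d+(?:\.\d+)+)", text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def status(model, firmware):
    """Classify one device: VULNERABLE, PATCHED, NOT_LISTED or UNKNOWN_VERSION."""
    key = _BY_UPPER.get(model.strip().upper())
    if key is None:
        return "NOT_LISTED"          # model is not named in this advisory
    have = parse_version(firmware)
    if have is None:
        return "UNKNOWN_VERSION"     # unparseable: check the device by hand
    # Tuple comparison is numeric per field, so 1.0.3.100 > 1.0.3.96.
    return "VULNERABLE" if have < parse_version(FIXED[key]) else "PATCHED"

def audit(inventory):
    """Map each (name, model, firmware) row to its status."""
    return {name: status(model, fw) for name, model, fw in inventory}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("office-ap", "RAX50", "V1.0.3.88_2.0.44"),
    ("lab-router", "rax40v2", "1.0.3.100"),
    ("branch-mesh", "RBR850", "3.2.17.12"),
    ("guest-gw", "R7000", "1.0.11.100"),
    ("spare", "XR1000", "unknown"),
]

if __name__ == "__main__":
    for name, result in audit(SAMPLE).items():
        print(f"{name:12} {result}")
```

Comparing versions as strings would rank 1.0.3.100 below 1.0.3.96 and flag a patched device as vulnerable, which is why each field is compared as an integer.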

References

1
