Details of VAR-202110-1807

ID

VAR-202110-1807

CVE

CVE-2021-34983

TITLE

Vulnerability related to lack of authentication for important functions in multiple NETGEAR products

Trust: 0.8

sources: JVNDB: JVNDB-2021-021935

DESCRIPTION

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of authentication prior to allowing access to system configuration information. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13708

Trust: 2.25

sources: NVD: CVE-2021-34983 // JVNDB: JVNDB-2021-021935 // ZDI: ZDI-21-1275

AFFECTED PRODUCTS

vendor:	netgear	model:	rax75	scope:	lt	version:	1.0.5.132	Trust: 1.0
vendor:	netgear	model:	rax35v2	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	r7960p	scope:	lt	version:	1.4.2.84	Trust: 1.0
vendor:	netgear	model:	ex3800	scope:	lt	version:	1.0.0.94	Trust: 1.0
vendor:	netgear	model:	r6400	scope:	lt	version:	1.0.1.76	Trust: 1.0
vendor:	netgear	model:	r7100lg	scope:	lt	version:	1.0.0.72	Trust: 1.0
vendor:	netgear	model:	v6510-1fxaus	scope:	lt	version:	1.0.0.80	Trust: 1.0
vendor:	netgear	model:	rax80	scope:	lt	version:	1.0.5.132	Trust: 1.0
vendor:	netgear	model:	xr300	scope:	lt	version:	1.0.3.68	Trust: 1.0
vendor:	netgear	model:	raxe500	scope:	lt	version:	1.0.8.70	Trust: 1.0
vendor:	netgear	model:	ex3700	scope:	lt	version:	1.0.0.94	Trust: 1.0
vendor:	netgear	model:	rs400	scope:	lt	version:	1.5.1.80	Trust: 1.0
vendor:	netgear	model:	r6700v3	scope:	lt	version:	1.0.4.120	Trust: 1.0
vendor:	netgear	model:	wndr3400v3	scope:	lt	version:	1.0.1.42	Trust: 1.0
vendor:	netgear	model:	d6400	scope:	lt	version:	1.0.0.108	Trust: 1.0
vendor:	netgear	model:	rax38v2	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	r8000p	scope:	lt	version:	1.4.2.84	Trust: 1.0
vendor:	netgear	model:	r6400v2	scope:	lt	version:	1.0.4.120	Trust: 1.0
vendor:	netgear	model:	d6220	scope:	lt	version:	1.0.0.76	Trust: 1.0
vendor:	netgear	model:	ms80	scope:	lt	version:	1.1.6.10	Trust: 1.0
vendor:	netgear	model:	rax48	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	wnr3500lv2	scope:	lt	version:	1.2.0.70	Trust: 1.0
vendor:	netgear	model:	xr1000	scope:	lt	version:	1.0.0.64	Trust: 1.0
vendor:	netgear	model:	rax50	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	r8500	scope:	lt	version:	1.0.2.156	Trust: 1.0
vendor:	netgear	model:	rax40v2	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	r8000	scope:	lt	version:	1.0.4.76	Trust: 1.0
vendor:	netgear	model:	r6900p	scope:	lt	version:	1.3.3.148	Trust: 1.0
vendor:	netgear	model:	dc112a	scope:	lt	version:	1.0.0.62	Trust: 1.0
vendor:	netgear	model:	mr60	scope:	lt	version:	1.1.6.122	Trust: 1.0
vendor:	netgear	model:	ex7500	scope:	lt	version:	1.0.1.76	Trust: 1.0
vendor:	netgear	model:	rax43	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	ex7000	scope:	lt	version:	1.0.1.106	Trust: 1.0
vendor:	netgear	model:	d7000v2	scope:	lt	version:	1.0.0.76	Trust: 1.0
vendor:	netgear	model:	dgn2200v4	scope:	lt	version:	1.0.0.126	Trust: 1.0
vendor:	netgear	model:	r7000	scope:	lt	version:	1.0.11.128	Trust: 1.0
vendor:	netgear	model:	ms60	scope:	lt	version:	1.1.6.122	Trust: 1.0
vendor:	netgear	model:	ex6120	scope:	lt	version:	1.0.0.66	Trust: 1.0
vendor:	netgear	model:	r7900p	scope:	lt	version:	1.4.2.84	Trust: 1.0
vendor:	netgear	model:	rax15	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	rax45	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	lax20	scope:	lt	version:	1.1.6.30	Trust: 1.0
vendor:	netgear	model:	rax50s	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	rax42	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	r7850	scope:	lt	version:	1.0.5.76	Trust: 1.0
vendor:	netgear	model:	raxe450	scope:	lt	version:	1.0.8.70	Trust: 1.0
vendor:	netgear	model:	ex6130	scope:	lt	version:	1.0.0.46	Trust: 1.0
vendor:	netgear	model:	r7000p	scope:	lt	version:	1.3.3.148	Trust: 1.0
vendor:	netgear	model:	rax20	scope:	lt	version:	1.0.4.100	Trust: 1.0
vendor:	netgear	model:	r8300	scope:	lt	version:	1.0.2.156	Trust: 1.0
vendor:	netgear	model:	mr80	scope:	lt	version:	1.1.6.10	Trust: 1.0
vendor:	netgear	model:	rax200	scope:	lt	version:	1.0.5.132	Trust: 1.0
vendor:	ネットギア	model:	d6220	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ex3700	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	xr300	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ex6120	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ms60	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ex7500	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	xr1000	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ex6130	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	r6400	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	d6400	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	lax20	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	mr80	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	dc112a	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ex3800	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ex7000	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	d7000v2	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	dgn2200v4	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	ms80	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	mr60	scope:	-	version:	-	Trust: 0.8
vendor:	ネットギア	model:	v6510-1fxaus	scope:	-	version:	-	Trust: 0.8
vendor:	netgear	model:	multiple routers	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-21-1275 // JVNDB: JVNDB-2021-021935 // NVD: CVE-2021-34983

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2021-34983
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2021-021935
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2021-34983
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-202110-2191
value:	MEDIUM
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2021-34983
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0
OTHER:	JVNDB-2021-021935
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2021-34983
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-1275 // JVNDB: JVNDB-2021-021935 // CNNVD: CNNVD-202110-2191 // NVD: CVE-2021-34983

PROBLEMTYPE DATA

problemtype:	CWE-306	Trust: 1.0
problemtype:	Lack of authentication for critical features (CWE-306) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-021935 // NVD: CVE-2021-34983

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-2191

PATCH

title:	NETGEAR has issued an update to correct this vulnerability.	url:	https://kb.netgear.com/000064313/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Extenders-Routers-and-DSL-Modem-Routers-PSV-2021-0159	Trust: 0.7
title:	Netgear NETGEAR Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167951	Trust: 0.6

sources: ZDI: ZDI-21-1275 // CNNVD: CNNVD-202110-2191

EXTERNAL IDS

db:	NVD	id:	CVE-2021-34983	Trust: 3.9
db:	ZDI	id:	ZDI-21-1275	Trust: 3.1
db:	JVNDB	id:	JVNDB-2021-021935	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-13708	Trust: 0.7
db:	CNNVD	id:	CNNVD-202110-2191	Trust: 0.6

sources: ZDI: ZDI-21-1275 // JVNDB: JVNDB-2021-021935 // CNNVD: CNNVD-202110-2191 // NVD: CVE-2021-34983

REFERENCES

url:	https://kb.netgear.com/000064313/security-advisory-for-pre-authentication-buffer-overflow-on-some-extenders-routers-and-dsl-modem-routers-psv-2021-0159	Trust: 2.5
url:	https://www.zerodayinitiative.com/advisories/zdi-21-1275/	Trust: 2.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34983	Trust: 0.8

sources: ZDI: ZDI-21-1275 // JVNDB: JVNDB-2021-021935 // CNNVD: CNNVD-202110-2191 // NVD: CVE-2021-34983

CREDITS

Sungur Labs

Trust: 1.3

sources: ZDI: ZDI-21-1275 // CNNVD: CNNVD-202110-2191

SOURCES

db:	ZDI	id:	ZDI-21-1275
db:	JVNDB	id:	JVNDB-2021-021935
db:	CNNVD	id:	CNNVD-202110-2191
db:	NVD	id:	CVE-2021-34983

LAST UPDATE DATE

2025-08-20T23:06:15.645000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-1275	date:	2021-10-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-021935	date:	2025-08-18T05:10:00
db:	CNNVD	id:	CNNVD-202110-2191	date:	2021-11-01T00:00:00
db:	NVD	id:	CVE-2021-34983	date:	2025-08-14T01:40:56.983

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-1275	date:	2021-10-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-021935	date:	2025-08-18T00:00:00
db:	CNNVD	id:	CNNVD-202110-2191	date:	2021-10-29T00:00:00
db:	NVD	id:	CVE-2021-34983	date:	2024-05-07T23:15:13.573