CVE-2021-40867
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in (e.g., behind the same NAT device, or already in possession of a foothold on an admin's machine). This occurs because the multi-step HTTP authentication process is effectively tied only to the source IP address. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, GS716TP before 1.0.4.2, GS716TPP before 1.0.4.2, GS724TPP before 2.0.6.3, GS724TPv2 before 2.0.6.3, GS728TPPv2 before 6.0.8.2, GS728TPv2 before 6.0.8.2, GS750E before 1.0.1.10, GS752TPP before 6.0.8.2, GS752TPv2 before 6.0.8.2, MS510TXM before 1.0.4.2, and MS510TXUP before 1.0.4.2.
Determinados smart switches de NETGEAR están afectados por una vulnerabilidad de secuestro de autenticación por parte de un atacante no autenticado que usa la misma dirección IP de origen que un administrador en el proceso de inicio de sesión (por ejemplo, detrás del mismo dispositivo NAT, o ya en posesión de un punto de apoyo en la máquina de un administrador). Esto ocurre porque el proceso de autenticación HTTP de varios pasos está efectivamente ligado sólo a la dirección IP de origen. Esto afecta a GC108P versiones anteriores a 1.0.8.2, GC108PP versiones anteriores a 1.0.8.2, GS108Tv3 versiones anteriores a 7.0.7.2, GS110TPP versiones anteriores a 7.0.7.2, GS110TPv3 versiones anteriores a 7. 0.7.2, GS110TUP versiones anteriores a 1.0.5.3, GS308T versiones anteriores a 1.0.3.2, GS310TP versiones anteriores a 1.0.3.2, GS710TUP versiones anteriores a 1.0.5.3, GS716TP versiones anteriores a 1.0.4. 2, GS716TPP versiones anteriores a 1.0.4.2, GS724TPP versiones anteriores a 2.0.6.3, GS724TPv2 versiones anteriores a 2.0.6.3, GS728TPPv2 versiones anteriores a 6.0.8.2, GS728TPv2 versiones anteriores a 6.0.8. 2, GS750E versiones anteriores a 1.0.1.10, GS752TPP versiones anteriores a 6.0.8.2, GS752TPv2 versiones anteriores a 6.0.8.2, MS510TXM versiones anteriores a 1.0.4.2 y MS510TXUP versiones anteriores a 1.0.4.2
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-09-13 CVE Reserved
- 2021-09-13 CVE Published
- 2023-04-06 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-290: Authentication Bypass by Spoofing
CAPEC
References (2)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netgear Search vendor "Netgear" | Gc108p Firmware Search vendor "Netgear" for product "Gc108p Firmware" | < 1.0.8.2 Search vendor "Netgear" for product "Gc108p Firmware" and version " < 1.0.8.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gc108p Search vendor "Netgear" for product "Gc108p" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gc108pp Firmware Search vendor "Netgear" for product "Gc108pp Firmware" | < 1.0.8.2 Search vendor "Netgear" for product "Gc108pp Firmware" and version " < 1.0.8.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gc108pp Search vendor "Netgear" for product "Gc108pp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs108t Firmware Search vendor "Netgear" for product "Gs108t Firmware" | < 7.0.7.2 Search vendor "Netgear" for product "Gs108t Firmware" and version " < 7.0.7.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs108tv3 Search vendor "Netgear" for product "Gs108tv3" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs110tpp Firmware Search vendor "Netgear" for product "Gs110tpp Firmware" | < 7.0.7.2 Search vendor "Netgear" for product "Gs110tpp Firmware" and version " < 7.0.7.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs110tpp Search vendor "Netgear" for product "Gs110tpp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs110tp Firmware Search vendor "Netgear" for product "Gs110tp Firmware" | < 7.0.7.2 Search vendor "Netgear" for product "Gs110tp Firmware" and version " < 7.0.7.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs110tp Search vendor "Netgear" for product "Gs110tp" | v3 Search vendor "Netgear" for product "Gs110tp" and version "v3" | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs110tup Firmware Search vendor "Netgear" for product "Gs110tup Firmware" | < 1.0.5.3 Search vendor "Netgear" for product "Gs110tup Firmware" and version " < 1.0.5.3" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs110tup Search vendor "Netgear" for product "Gs110tup" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs308t Firmware Search vendor "Netgear" for product "Gs308t Firmware" | < 1.0.3.2 Search vendor "Netgear" for product "Gs308t Firmware" and version " < 1.0.3.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs308t Search vendor "Netgear" for product "Gs308t" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs310tp Firmware Search vendor "Netgear" for product "Gs310tp Firmware" | < 1.0.3.2 Search vendor "Netgear" for product "Gs310tp Firmware" and version " < 1.0.3.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs310tp Search vendor "Netgear" for product "Gs310tp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs710tup Firmware Search vendor "Netgear" for product "Gs710tup Firmware" | < 1.0.5.3 Search vendor "Netgear" for product "Gs710tup Firmware" and version " < 1.0.5.3" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs710tup Search vendor "Netgear" for product "Gs710tup" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs716tp Firmware Search vendor "Netgear" for product "Gs716tp Firmware" | < 1.0.4.2 Search vendor "Netgear" for product "Gs716tp Firmware" and version " < 1.0.4.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs716tp Search vendor "Netgear" for product "Gs716tp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs716tpp Firmware Search vendor "Netgear" for product "Gs716tpp Firmware" | < 1.0.4.2 Search vendor "Netgear" for product "Gs716tpp Firmware" and version " < 1.0.4.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs716tpp Search vendor "Netgear" for product "Gs716tpp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs724tpp Firmware Search vendor "Netgear" for product "Gs724tpp Firmware" | < 2.0.6.3 Search vendor "Netgear" for product "Gs724tpp Firmware" and version " < 2.0.6.3" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs724tpp Search vendor "Netgear" for product "Gs724tpp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs724tp Firmware Search vendor "Netgear" for product "Gs724tp Firmware" | < 2.0.6.3 Search vendor "Netgear" for product "Gs724tp Firmware" and version " < 2.0.6.3" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs724tp Search vendor "Netgear" for product "Gs724tp" | v2 Search vendor "Netgear" for product "Gs724tp" and version "v2" | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs728tpp Firmware Search vendor "Netgear" for product "Gs728tpp Firmware" | < 6.0.8.2 Search vendor "Netgear" for product "Gs728tpp Firmware" and version " < 6.0.8.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs728tpp Search vendor "Netgear" for product "Gs728tpp" | v2 Search vendor "Netgear" for product "Gs728tpp" and version "v2" | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs728tp Firmware Search vendor "Netgear" for product "Gs728tp Firmware" | < 6.0.8.2 Search vendor "Netgear" for product "Gs728tp Firmware" and version " < 6.0.8.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs728tp Search vendor "Netgear" for product "Gs728tp" | v2 Search vendor "Netgear" for product "Gs728tp" and version "v2" | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs750e Firmware Search vendor "Netgear" for product "Gs750e Firmware" | < 1.0.1.10 Search vendor "Netgear" for product "Gs750e Firmware" and version " < 1.0.1.10" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs750e Search vendor "Netgear" for product "Gs750e" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs752tpp Firmware Search vendor "Netgear" for product "Gs752tpp Firmware" | < 6.0.8.2 Search vendor "Netgear" for product "Gs752tpp Firmware" and version " < 6.0.8.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs752tpp Search vendor "Netgear" for product "Gs752tpp" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Gs752tp Firmware Search vendor "Netgear" for product "Gs752tp Firmware" | < 6.0.8.2 Search vendor "Netgear" for product "Gs752tp Firmware" and version " < 6.0.8.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Gs752tp Search vendor "Netgear" for product "Gs752tp" | v2 Search vendor "Netgear" for product "Gs752tp" and version "v2" | - |
Safe
|
| Netgear Search vendor "Netgear" | Ms510txm Firmware Search vendor "Netgear" for product "Ms510txm Firmware" | < 1.0.4.2 Search vendor "Netgear" for product "Ms510txm Firmware" and version " < 1.0.4.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Ms510txm Search vendor "Netgear" for product "Ms510txm" | - | - |
Safe
|
| Netgear Search vendor "Netgear" | Ms510txup Firmware Search vendor "Netgear" for product "Ms510txup Firmware" | < 1.0.4.2 Search vendor "Netgear" for product "Ms510txup Firmware" and version " < 1.0.4.2" | - |
Affected
| in | Netgear Search vendor "Netgear" | Ms510txup Search vendor "Netgear" for product "Ms510txup" | - | - |
Safe
|