CVE-2021-45556:Command Injection Vulnerability in NETGEAR Smart Managed Pro Switches

splash
Back

Description Preview

A post-authentication command injection vulnerability (CWE-77) affects multiple NETGEAR Smart Managed Pro Switch models. This vulnerability allows authenticated users to execute arbitrary commands on the affected devices, potentially leading to complete device compromise. The issue impacts various GS and MS series switches running firmware versions prior to their respective security patches.

Overview

This vulnerability (CVE-2021-45556) affects numerous NETGEAR Smart Managed Pro Switch models including GS108Tv2, GS110TPP, GS110TPv2, GS110TPv3, GS308T, GS310TP, GS724TPP, GS724TPv2, GS728TPPv2, GS728TPv2, GS752TPP, GS752TPv2, MS510TXM, and MS510TXUP. The vulnerability is a command injection flaw that allows an authenticated attacker to execute arbitrary system commands with elevated privileges on the affected device. Since this is a post-authentication vulnerability, an attacker must first have valid credentials to the device's management interface. Once authenticated, the attacker could exploit this vulnerability to gain control over the device, potentially leading to network compromise, data theft, or use of the device as a pivot point for further attacks.

Remediation

To address this vulnerability, NETGEAR has released firmware updates for all affected devices. Users should update to the following minimum firmware versions:

  • GS108Tv2: Update to version 5.4.2.36 or later
  • GS110TPP: Update to version 7.0.7.2 or later
  • GS110TPv2: Update to version 5.4.2.36 or later
  • GS110TPv3: Update to version 7.0.7.2 or later
  • GS308T: Update to version 1.0.3.2 or later
  • GS310TP: Update to version 1.0.3.2 or later
  • GS724TPP: Update to version 2.0.6.3 or later
  • GS724TPv2: Update to version 2.0.6.3 or later
  • GS728TPPv2: Update to version 6.0.8.2 or later
  • GS728TPv2: Update to version 6.0.8.2 or later
  • GS752TPP: Update to version 6.0.8.2 or later
  • GS752TPv2: Update to version 6.0.8.2 or later
  • MS510TXM: Update to version 1.0.4.2 or later
  • MS510TXUP: Update to version 1.0.4.2 or later

Additionally, implement the following security best practices:

  1. Change default administrator credentials
  2. Restrict management access to trusted IP addresses
  3. Use strong, unique passwords for device administration
  4. If possible, implement network segmentation to isolate management interfaces
  5. Regularly check for and apply firmware updates

References

  1. NETGEAR Security Advisory for Post-Authentication Command Injection on Some Smart Managed Pro Switches (PSV-2021-0175): https://kb.netgear.com/000064534/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Smart-Managed-Pro-Switches-PSV-2021-0175
  2. Common Weakness Enumeration: CWE-77 (Improper Neutralization of Special Elements used in a Command): https://cwe.mitre.org/data/definitions/77.html

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services
    Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  4. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  5. Construction
    Construction
  6. Educational Services
    Educational Services
  7. Finance and Insurance
    Finance and Insurance
  8. Health Care & Social Assistance
    Health Care & Social Assistance
  9. Information
    Information
  10. Management of Companies & Enterprises
    Management of Companies & Enterprises
  11. Manufacturing
    Manufacturing
  12. Mining
    Mining
  13. Other Services (except Public Administration)
    Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  15. Public Administration
    Public Administration
  16. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  17. Retail Trade
    Retail Trade
  18. Transportation & Warehousing
    Transportation & Warehousing
  19. Utilities
    Utilities
  20. Wholesale Trade
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background