CVE-2021-37572
HIGH WAF: Low
CVSS 7.5
Published: 2021-12-26
CWE-862
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).
WAF Coverage Analysis
Missing Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| mediatek | mt7603e_firmware | 2.0.2 |
| mediatek | mt7613_firmware | 2.0.2 |
| mediatek | mt7615_firmware | 2.0.2 |
| mediatek | mt7622_firmware | 2.0.2 |
| mediatek | mt7628_firmware | 2.0.2 |
| mediatek | mt7629_firmware | 2.0.2 |
| mediatek | mt7915_firmware | 2.0.2 |
References
- corp.mediatek.com (Vendor Advisory)
- kb.netgear.com (Third Party Advisory)