A vulnerability, which was classified as critical, was found in Netgear R7450 1.2.0.62_1.0.1 (Wireless LAN Software). This affects some unknown processing of the component SOAP API endpoint. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-284. This is going to have an impact on confidentiality. The summary by CVE is:

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11559.

The weakness was presented 02/05/2021. It is possible to read the advisory at zerodayinitiative.com. This vulnerability is uniquely identified as CVE-2020-27873 since 10/27/2020. The exploitability is told to be easy. Access to the local network is required for this attack to succeed. No form of authentication is needed for exploitation. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 02/23/2021). The attack technique deployed by this issue is T1068 according to MITRE ATT&CK.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfoedit

Type

• Wireless LAN Software

Vendor

• Netgear

Name

• R7450

CPE 2.3infoedit

• 🔒

CPE 2.2infoedit

• 🔒

CVSSv3infoedit

CVSSv2infoedit

Exploitinginfoedit

Threat Intelligenceinfoedit

Countermeasuresinfoedit

Timelineinfoedit

Sourcesinfoedit

Entryinfoedit

Comments