CVE-2021-34947 - Vulnerability Details

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the soap_block_table file. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-13055.

No CVSS v4.0

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netgear	D7800 D7800 Firmware Ex2700 Ex2700 Firmware Ex6100 Ex6100 Firmware Ex6150 Ex6150 Firmware Ex6200 Ex6200 Firmware Ex6250 Ex6250 Firmware Ex6400 Ex6400 Firmware Ex6400v2 Ex6400v2 Firmware Ex6410 Ex6410 Firmware Ex6420 Ex6420 Firmware Ex6500v1 Ex6500v1 Firmware Ex7300 Ex7300 Firmware Ex7300v2 Ex7300v2 Firmware Ex7320 Ex7320 Firmware Ex7700 Ex7700 Firmware Ex8000 Ex8000 Firmware Lbr1020 Lbr1020 Firmware Lbr20 Lbr20 Firmware R6700ax R6700ax Firmware R7800 R7800 Firmware R8900 R8900 Firmware R9000 R9000 Firmware Rax10 Rax10 Firmware Rax120 Rax120 Firmware Rax120v2 Rax120v2 Firmware Rax70 Rax70 Firmware Rax78 Rax78 Firmware Rbr10 Rbr10 Firmware Rbr20 Rbr20 Firmware Rbr40 Rbr40 Firmware Rbr50 Rbr50 Firmware Rbs10 Rbs10 Firmware Rbs20 Rbs20 Firmware Rbs40 Rbs40 Firmware Rbs50 Rbs50 Firmware Rbs50y Rbs50y Firmware Wn3000rpv2 Wn3000rpv2 Firmware Wnr2000v5 Wnr2000v5 Firmware Xr450 Xr450 Firmware Xr500 Xr500 Firmware Xr700 Xr700 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:netgear:d7800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:d7800:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:netgear:ex2700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex2700:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:netgear:ex6100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6100:v2:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:netgear:ex6150_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6150:v2:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:netgear:ex6200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6200:v2:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:netgear:ex6250_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6250:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:netgear:ex6400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6400:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:netgear:ex6400v2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6400v2:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:netgear:ex6410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6410:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:netgear:ex6420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6420:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:netgear:ex6500v1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex6500v1:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:netgear:ex7300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex7300:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:netgear:ex7300v2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex7300v2:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:netgear:ex7320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex7320:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:netgear:ex7700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex7700:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:netgear:ex8000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:ex8000:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:netgear:lbr1020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:lbr1020:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:netgear:lbr20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:lbr20:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:netgear:r6700ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r6700ax:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:netgear:r7800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r7800:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:netgear:r8900_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r8900:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:netgear:r9000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:r9000:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:netgear:rax10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rax10:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:netgear:rax120_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rax120:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:netgear:rax120v2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rax120v2:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:netgear:rax70_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rax70:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:netgear:rax78_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rax78:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:netgear:rbr10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbr10:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:netgear:rbr20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbr20:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:netgear:rbr40_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbr40:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:netgear:rbr50_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbr50:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:netgear:rbs10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbs10:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:netgear:rbs20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbs20:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:netgear:rbs40_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbs40:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:netgear:rbs50_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbs50:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:netgear:rbs50y_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rbs50y:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:netgear:wn3000rpv2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wn3000rpv2:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:netgear:wnr2000v5_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:wnr2000v5:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:netgear:xr450_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xr450:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:netgear:xr500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xr500:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:netgear:xr700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:netgear:xr700:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://kb.netgear.com/000064044/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2021-0129
https://www.zerodayinitiative.com/advisories/ZDI-21-1116/

History

Thu, 14 Aug 2025 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Netgear d7800 Netgear d7800 Firmware Netgear ex2700 Netgear ex2700 Firmware Netgear ex6100 Netgear ex6100 Firmware Netgear ex6150 Netgear ex6150 Firmware Netgear ex6200 Netgear ex6200 Firmware Netgear ex6250 Netgear ex6250 Firmware Netgear ex6400 Netgear ex6400 Firmware Netgear ex6400v2 Netgear ex6400v2 Firmware Netgear ex6410 Netgear ex6410 Firmware Netgear ex6420 Netgear ex6420 Firmware Netgear ex6500v1 Netgear ex6500v1 Firmware Netgear ex7300 Netgear ex7300 Firmware Netgear ex7300v2 Netgear ex7300v2 Firmware Netgear ex7320 Netgear ex7320 Firmware Netgear ex7700 Netgear ex7700 Firmware Netgear ex8000 Netgear ex8000 Firmware Netgear lbr1020 Netgear lbr1020 Firmware Netgear lbr20 Netgear lbr20 Firmware Netgear r6700ax Netgear r6700ax Firmware Netgear r7800 Firmware Netgear r8900 Netgear r8900 Firmware Netgear r9000 Netgear r9000 Firmware Netgear rax10 Netgear rax10 Firmware Netgear rax120 Netgear rax120 Firmware Netgear rax120v2 Netgear rax120v2 Firmware Netgear rax70 Netgear rax70 Firmware Netgear rax78 Netgear rax78 Firmware Netgear rbr10 Netgear rbr10 Firmware Netgear rbr20 Netgear rbr20 Firmware Netgear rbr40 Netgear rbr40 Firmware Netgear rbr50 Netgear rbr50 Firmware Netgear rbs10 Netgear rbs10 Firmware Netgear rbs20 Netgear rbs20 Firmware Netgear rbs40 Netgear rbs40 Firmware Netgear rbs50 Netgear rbs50 Firmware Netgear rbs50y Netgear rbs50y Firmware Netgear wn3000rpv2 Netgear wn3000rpv2 Firmware Netgear wnr2000v5 Netgear wnr2000v5 Firmware Netgear xr450 Netgear xr450 Firmware Netgear xr500 Netgear xr500 Firmware Netgear xr700 Netgear xr700 Firmware
CPEs		cpe:2.3:h:netgear:d7800:-:::::::* cpe:2.3:h:netgear:ex2700:-:::::::* cpe:2.3:h:netgear:ex6100:v2:::::::* cpe:2.3:h:netgear:ex6150:v2:::::::* cpe:2.3:h:netgear:ex6200:v2:::::::* cpe:2.3:h:netgear:ex6250:-:::::::* cpe:2.3:h:netgear:ex6400:-:::::::* cpe:2.3:h:netgear:ex6400v2:-:::::::* cpe:2.3:h:netgear:ex6410:-:::::::* cpe:2.3:h:netgear:ex6420:-:::::::* cpe:2.3:h:netgear:ex6500v1:-:::::::* cpe:2.3:h:netgear:ex7300:-:::::::* cpe:2.3:h:netgear:ex7300v2:-:::::::* cpe:2.3:h:netgear:ex7320:-:::::::* cpe:2.3:h:netgear:ex7700:-:::::::* cpe:2.3:h:netgear:ex8000:-:::::::* cpe:2.3:h:netgear:lbr1020:-:::::::* cpe:2.3:h:netgear:lbr20:-:::::::* cpe:2.3:h:netgear:r6700ax:-:::::::* cpe:2.3:h:netgear:r7800:-:::::::* cpe:2.3:h:netgear:r8900:-:::::::* cpe:2.3:h:netgear:r9000:-:::::::* cpe:2.3:h:netgear:rax10:-:::::::* cpe:2.3:h:netgear:rax120:-:::::::* cpe:2.3:h:netgear:rax120v2:-:::::::* cpe:2.3:h:netgear:rax70:-:::::::* cpe:2.3:h:netgear:rax78:-:::::::* cpe:2.3:h:netgear:rbr10:-:::::::* cpe:2.3:h:netgear:rbr20:-:::::::* cpe:2.3:h:netgear:rbr40:-:::::::* cpe:2.3:h:netgear:rbr50:-:::::::* cpe:2.3:h:netgear:rbs10:-:::::::* cpe:2.3:h:netgear:rbs20:-:::::::* cpe:2.3:h:netgear:rbs40:-:::::::* cpe:2.3:h:netgear:rbs50:-:::::::* cpe:2.3:h:netgear:rbs50y:-:::::::* cpe:2.3:h:netgear:wn3000rpv2:-:::::::* cpe:2.3:h:netgear:wnr2000v5:-:::::::* cpe:2.3:h:netgear:xr450:-:::::::* cpe:2.3:h:netgear:xr500:-:::::::* cpe:2.3:h:netgear:xr700:-:::::::* cpe:2.3:o:netgear:d7800_firmware:::::::: cpe:2.3:o:netgear:ex2700_firmware:::::::: cpe:2.3:o:netgear:ex6100_firmware:::::::: cpe:2.3:o:netgear:ex6150_firmware:::::::: cpe:2.3:o:netgear:ex6200_firmware:::::::: cpe:2.3:o:netgear:ex6250_firmware:::::::: cpe:2.3:o:netgear:ex6400_firmware:::::::: cpe:2.3:o:netgear:ex6400v2_firmware:::::::: cpe:2.3:o:netgear:ex6410_firmware:::::::: cpe:2.3:o:netgear:ex6420_firmware:::::::: cpe:2.3:o:netgear:ex6500v1_firmware:::::::: cpe:2.3:o:netgear:ex7300_firmware:::::::: cpe:2.3:o:netgear:ex7300v2_firmware:::::::: cpe:2.3:o:netgear:ex7320_firmware:::::::: cpe:2.3:o:netgear:ex7700_firmware:::::::: cpe:2.3:o:netgear:ex8000_firmware:::::::: cpe:2.3:o:netgear:lbr1020_firmware:::::::: cpe:2.3:o:netgear:lbr20_firmware:::::::: cpe:2.3:o:netgear:r6700ax_firmware:::::::: cpe:2.3:o:netgear:r7800_firmware:::::::: cpe:2.3:o:netgear:r8900_firmware:::::::: cpe:2.3:o:netgear:r9000_firmware:::::::: cpe:2.3:o:netgear:rax10_firmware:::::::: cpe:2.3:o:netgear:rax120_firmware:::::::: cpe:2.3:o:netgear:rax120v2_firmware:::::::: cpe:2.3:o:netgear:rax70_firmware:::::::: cpe:2.3:o:netgear:rax78_firmware:::::::: cpe:2.3:o:netgear:rbr10_firmware:::::::: cpe:2.3:o:netgear:rbr20_firmware:::::::: cpe:2.3:o:netgear:rbr40_firmware:::::::: cpe:2.3:o:netgear:rbr50_firmware:::::::: cpe:2.3:o:netgear:rbs10_firmware:::::::: cpe:2.3:o:netgear:rbs20_firmware:::::::: cpe:2.3:o:netgear:rbs40_firmware:::::::: cpe:2.3:o:netgear:rbs50_firmware:::::::: cpe:2.3:o:netgear:rbs50y_firmware:::::::: cpe:2.3:o:netgear:wn3000rpv2_firmware:::::::: cpe:2.3:o:netgear:wnr2000v5_firmware:::::::: cpe:2.3:o:netgear:xr450_firmware:::::::: cpe:2.3:o:netgear:xr500_firmware:::::::: cpe:2.3:o:netgear:xr700_firmware::::::::
Vendors & Products		Netgear d7800 Netgear d7800 Firmware Netgear ex2700 Netgear ex2700 Firmware Netgear ex6100 Netgear ex6100 Firmware Netgear ex6150 Netgear ex6150 Firmware Netgear ex6200 Netgear ex6200 Firmware Netgear ex6250 Netgear ex6250 Firmware Netgear ex6400 Netgear ex6400 Firmware Netgear ex6400v2 Netgear ex6400v2 Firmware Netgear ex6410 Netgear ex6410 Firmware Netgear ex6420 Netgear ex6420 Firmware Netgear ex6500v1 Netgear ex6500v1 Firmware Netgear ex7300 Netgear ex7300 Firmware Netgear ex7300v2 Netgear ex7300v2 Firmware Netgear ex7320 Netgear ex7320 Firmware Netgear ex7700 Netgear ex7700 Firmware Netgear ex8000 Netgear ex8000 Firmware Netgear lbr1020 Netgear lbr1020 Firmware Netgear lbr20 Netgear lbr20 Firmware Netgear r6700ax Netgear r6700ax Firmware Netgear r7800 Firmware Netgear r8900 Netgear r8900 Firmware Netgear r9000 Netgear r9000 Firmware Netgear rax10 Netgear rax10 Firmware Netgear rax120 Netgear rax120 Firmware Netgear rax120v2 Netgear rax120v2 Firmware Netgear rax70 Netgear rax70 Firmware Netgear rax78 Netgear rax78 Firmware Netgear rbr10 Netgear rbr10 Firmware Netgear rbr20 Netgear rbr20 Firmware Netgear rbr40 Netgear rbr40 Firmware Netgear rbr50 Netgear rbr50 Firmware Netgear rbs10 Netgear rbs10 Firmware Netgear rbs20 Netgear rbs20 Firmware Netgear rbs40 Netgear rbs40 Firmware Netgear rbs50 Netgear rbs50 Firmware Netgear rbs50y Netgear rbs50y Firmware Netgear wn3000rpv2 Netgear wn3000rpv2 Firmware Netgear wnr2000v5 Netgear wnr2000v5 Firmware Netgear xr450 Netgear xr450 Firmware Netgear xr500 Netgear xr500 Firmware Netgear xr700 Netgear xr700 Firmware

MITRE

Status: PUBLISHED

Assigner: zdi

Published: 2024-05-07T22:54:22.897Z

Updated: 2024-08-04T00:26:55.741Z

Reserved: 2021-06-17T19:27:05.647Z

Link: CVE-2021-34947

Vulnrichment

Updated: 2024-08-04T00:26:55.741Z

NVD

Status : Analyzed

Published: 2024-05-07T23:15:07.653

Modified: 2025-08-14T01:42:44.800

Link: CVE-2021-34947

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object