Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-45077

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.

Published

2021-12-30T22:15:10.007

Last Modified

2024-11-21T06:31:54.170

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-312

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	netgear	r6700_firmware	1.0.4.120	Yes
Hardware	netgear	r6700	-	No

References

https://www.tenable.com/security/research/tra-2021-57 Third Party Advisory ([email protected])
https://www.tenable.com/security/research/tra-2021-57 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)