CVE-2021-45077

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.

Published: Dec 30, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-45077
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-312

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
netgear / r6700_firmware	1.0.4.120	1.0.4.120.x

https://www.tenable.com/security/research/tra-2021-57

Vulnerability Database

289,784

CVE-2021-45077