History: Dec 30, 2021 - 9:31 p.m.

CVE-2021-20170

2021-12-30 21:31:15
tenable
www.cve.org
netgear rax43
hardcoded credentials
encryption
vulnerability
manipulation
configuration backups
zip file
password protection

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

42.8%

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. Configuration backups are encrypted, so it does not appear that normal users are intended to be able to manipulate them. The encryption is a password-protected zip file with a hardcoded password (RAX50w!a4udk). By unzipping the configuration with this password, a user can reconfigure settings not intended to be manipulated, re-zip the configuration, and restore the backup, causing these settings to be changed.

CNA Affected

[
  {
    "product": "Netgear RAX43",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.3.96"
      }
    ]
  }
]
