Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-7631

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00589EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:20 p.m.6 views

CVE-2021-23147

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection and execute commands as the root user without authentication...

7.2CVSS7.1AI score0.00364EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:9 p.m.16 views

CVE-2021-45732

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...

8.8CVSS6.8AI score0.00779EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 7:6 p.m.16 views

CVE-2021-20173

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values...

8.8CVSS7.5AI score0.03199EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/03 12:0 a.m.24 views

Netgear Nighthawk R6700 Encryption Issue Vulnerability (CNVD-2022-02653)

Netgear Nighthawk R6700 is a wireless router from Netgear, Inc. An encryption vulnerability exists in the Netgear Nighthawk R6700, which stems from the product's failure to use the soap secure communication method. An attacker could obtain sensitive information from HTTP requests through this...

7.5CVSS0.6AI score0.00589EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/03 12:0 a.m.18 views

Netgear Nighthawk R6700 License Issue Vulnerability

The Netgear Nighthawk R6700 is a wireless router from Netgear USA. An authorization issue vulnerability exists in the Netgear Nighthawk R6700 that stems from the product's lack of adequate protection for UART console access. The vulnerability can be exploited by an attacker to execute commands as...

7.2CVSS6.9AI score0.00364EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/03 12:0 a.m.18 views

Netgear Nighthawk R6700 Encryption Issue Vulnerability (CNVD-2022-02652)

The Netgear Nighthawk R6700 is a wireless router from Netgear, Inc. An encryption vulnerability exists in the Netgear Nighthawk R6700, which stems from the product's failure to encrypt account information. An attacker could obtain plaintext account information in the Zhu configuration file throug...

7.5CVSS2.3AI score0.00589EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/03 12:0 a.m.19 views

Netgear Nighthawk R6700 Information Disclosure Vulnerability

An information disclosure vulnerability exists in the Netgear Nighthawk R6700, a wireless router from Netgear, which stems from the product's failure to encrypt HTTP requests. An attacker could gain access to sensitive information through this vulnerability...

7.5CVSS0.4AI score0.00589EPSS
Exploits0References1
OSV
OSV
added 2021/12/30 10:15 p.m.4 views

CVE-2021-45732

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted/obfuscated. By extracting the configuration using readily available public tools,...

8.8CVSS7.3AI score0.00779EPSS
Exploits0References1
OSV
OSV
added 2021/12/30 10:15 p.m.3 views

CVE-2021-45077

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device...

7.5CVSS5.8AI score0.00589EPSS
Exploits0References1
OSV
OSV
added 2021/12/30 10:15 p.m.3 views

CVE-2021-23147

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection and execute commands as the root user without authentication...

6.8CVSS6.7AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2021/12/30 10:15 p.m.5 views

CVE-2021-20173

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values...

8.8CVSS5.8AI score0.03199EPSS
Exploits1References1
OSV
OSV
added 2021/12/30 10:15 p.m.4 views

CVE-2021-20175

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface port 5000 is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be...

7.5CVSS7.1AI score0.00589EPSS
Exploits0References1
NVD
NVD
added 2021/12/30 10:15 p.m.13 views

CVE-2021-20174

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be transmitted in...

7.5CVSS0.00589EPSS
Exploits0References1
Prion
Prion
added 2021/12/30 10:15 p.m.24 views

Default configuration

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface port 5000 is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be...

5CVSS7.4AI score0.00589EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/12/30 10:15 p.m.17 views

Default configuration

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be transmitted in...

5CVSS7.4AI score0.00589EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/12/30 10:15 p.m.18 views

Authentication flaw

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection and execute commands as the root user without authentication...

7.2CVSS6.7AI score0.00364EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/12/30 10:15 p.m.18 views

Default credentials

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device...

5CVSS7.5AI score0.00589EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/12/30 9:31 p.m.18 views

CVE-2021-20174

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be transmitted in...

7.6AI score0.00589EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/30 9:31 p.m.15 views

CVE-2021-20175

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface port 5000 is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be...

7.6AI score0.00589EPSS
Exploits0References1
Rows per page
Query Builder