2 matches found
CVE-2021-34865
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the minihttpd service, which listens on TCP port 80 by default. The...
CVE-2021-34865
CVE-2021-34865 affects NETGEAR routers running the mini_httpd service on port 80. The root cause is incorrect string matching logic when accessing protected pages, allowing network-adjacent attackers to bypass authentication and escalate to root-level arbitrary code execution. Affected software i...