2 matches found
CVE-2022-41545
The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 and possibly others authenticates users via basic authentication, with an HTTP header containing a base64 value of the plaintext username and password. Because the web server also does not utilize transpor...
CVE-2022-41545
Netgear C7800 Router (firmware 6.01.07 and possibly others) exposes admin credentials via basic authentication over HTTP, with credentials base64-encoded in the header and no transport security by default. This enables eavesdropping/MITM on authenticated requests over WLAN or LAN. Reported CVSSv3...