Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

VulnCheck KEV
VulnCheck KEVadded 2022/08/19 12:0 a.m.0 views

VulnCheck KEV: CVE-2021-20167

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter...

8CVSS7.2AI score0.84613EPSS
Exploits0References1
NVD
NVDadded 2021/12/30 10:15 p.m.10 views

CVE-2021-20170

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...

8.8CVSS0.00159EPSS
Exploits0References1
NVD
NVDadded 2021/12/30 10:15 p.m.18 views

CVE-2021-20167

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter...

8CVSS0.84613EPSS
Exploits0References1
OSV
OSVadded 2021/12/30 10:15 p.m.0 views

CVE-2021-20169

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be transmitted in cleartext...

6.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2021/12/30 10:15 p.m.16 views

CVE-2021-20166

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton...

8.8CVSS0.64228EPSS
Exploits0References1
Prion
Prionadded 2021/12/30 10:15 p.m.12 views

Default configuration

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be transmitted in cleartext...

7.2CVSS6.5AI score0.00023EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/12/30 9:31 p.m.14 views

CVE-2021-20167

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter...

8.3AI score0.84613EPSS
Exploits0References1
CVE
CVEadded 2021/12/30 9:31 p.m.178 views

CVE-2021-20167

Netgear RAX43 firmware version 1.0.3.96 is affected by a command injection vulnerability in the readycloud CGI app. The issue is exploitable via the name parameter in the readycloud_control.cgi CGI (and, per related nuclei templates, a related buffer overrun in the cgi-bin endpoint that can redir...

8CVSS8.1AI score0.84613EPSS
In wildExploits0References1Affected Software1
CVE
CVEadded 2021/12/30 9:31 p.m.188 views

CVE-2021-20166

Netgear RAX43 firmware 1.0.3.96 is affected by a buffer overrun in the cgi-bin URL parsing endpoint (CVE-2021-20166). Nuclei templates also describe a related issue: command injection/authentication bypass in readycloud_control.cgi’s name parameter, and note that this vulnerability combines CVE-2...

8.8CVSS8.8AI score0.64228EPSS
In wildExploits0References1Affected Software1
Rows per page
Query Builder