exploitDog

CVE-2021-20171

Опубликовано: 30 дек. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.

Ссылки

https://www.tenable.com/security/research/tra-2021-55
Third Party Advisory
https://www.tenable.com/security/research/tra-2021-55
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:netgear:rax43_firmware:1.0.3.96:*:*:*:*:*:*:*

cpe:2.3:h:netgear:rax43:-:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00059

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-7ggp-fc92-x5m6

github

около 4 лет назад

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.

EPSS

Процентиль: 19%

0.00059

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312