CVE-2021-20174

Summary

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. By default, all communication to/from the device's web interface is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext.

Affected Software

VendorProductVersion RangeStatus
n/aNetgear Nighthawk R67001.0.4.120affected

Weaknesses

  • Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References