CVE-2021-20169
First published: Thu Dec 30 2021(Updated: )
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgear Rax43 Firmware | =1.0.3.96 | |
| Netgear RAX43 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-20169.
What is the severity of CVE-2021-20169?
The severity of CVE-2021-20169 is high.
How does CVE-2021-20169 affect Netgear RAX43 version 1.0.3.96?
CVE-2021-20169 affects Netgear RAX43 version 1.0.3.96 by not utilizing secure communications to the web interface.
What are the potential risks of CVE-2021-20169?
The potential risks of CVE-2021-20169 include the transmission of potentially sensitive information (such as usernames and passwords) in cleartext.
How can I fix CVE-2021-20169?
To fix CVE-2021-20169, it is recommended to update the firmware of Netgear RAX43 to a version that utilizes secure communications to the web interface.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/author
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/netgear
- canonical/netgear rax43 firmware
- version/netgear rax43 firmware/1.0.3.96
- canonical/netgear rax43