cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-20175,https://securityvulnerability.io/vulnerability/CVE-2021-20175,SOAP Interface Vulnerability in Netgear Nighthawk Router,"The Netgear Nighthawk R6700 router, specifically version 1.0.4.120, has a significant security vulnerability in its SOAP interface. This vulnerability arises from the use of unsecure communication methods, as all data exchanged with the SOAP interface at port 5000 is transmitted over HTTP. Consequently, sensitive information such as usernames and passwords may be exposed in plaintext, making it susceptible to interception by attackers. This flaw underlines the necessity for secure communication protocols to protect user data.",Netgear,Netgear Nighthawk R6700,7.5,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2021-12-30T21:31:23.000Z,0
CVE-2021-20174,https://securityvulnerability.io/vulnerability/CVE-2021-20174,Insecure Communication Vulnerability in Netgear Nighthawk R6700 Router,"The Netgear Nighthawk R6700 router, specifically version 1.0.4.120, presents an insecure communication vulnerability due to the lack of secure methods for transmitting data to and from the web interface. This device relies on HTTP protocols by default, which can expose potentially sensitive information, including usernames and passwords, in cleartext. As a result, attackers could intercept and exploit this data, posing a serious threat to the device's users.",Netgear,Netgear Nighthawk R6700,7.5,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2021-12-30T21:31:23.000Z,0
CVE-2021-20173,https://securityvulnerability.io/vulnerability/CVE-2021-20173,Command Injection Vulnerability in Netgear Nighthawk R6700 Device,"The Netgear Nighthawk R6700 device, specifically version 1.0.4.120, is affected by a command injection vulnerability within its update functionality. This issue arises when an update check is triggered via the SOAP interface, allowing potential attackers to inject commands through preconfigured values. This could lead to unauthorized actions being executed on the device, compromising its security.",Netgear,Netgear Nighthawk R6700,8.8,HIGH,0.010590000078082085,false,,false,false,false,,,false,false,,2021-12-30T21:31:22.000Z,0
CVE-2021-45077,https://securityvulnerability.io/vulnerability/CVE-2021-45077,Plaintext Credential Storage in Netgear Nighthawk Router,"The Netgear Nighthawk R6700 router version 1.0.4.120 exposes sensitive information by storing all usernames and passwords in plaintext on the device. This practice poses significant risks to user security, as it makes it easy for unauthorized individuals to access sensitive configurations and take control of associated services. Proper handling and encryption of credentials are crucial to maintain the integrity and security of the device.",Netgear,Netgear Nighthawk R6700,7.5,HIGH,0.0020099999383091927,false,,false,false,false,,,false,false,,2021-12-30T21:31:21.000Z,0
CVE-2021-23147,https://securityvulnerability.io/vulnerability/CVE-2021-23147,Insufficient UART Console Protection in Netgear Router,"The Netgear Nighthawk R6700 version 1.0.4.120 is susceptible to a vulnerability that stems from inadequate protections for its UART console. This flaw allows an attacker with physical access to the device to connect through the UART port using a serial connection. Once access is gained, the attacker can execute commands with root privileges without requiring any form of authentication, posing a significant risk to the security of the device and potentially the wider network.",Netgear,Netgear Nighthawk R6700,6.8,MEDIUM,0.0012199999764561653,false,,false,false,false,,,false,false,,2021-12-30T21:31:20.000Z,0
CVE-2021-45732,https://securityvulnerability.io/vulnerability/CVE-2021-45732,Hardcoded Credential Vulnerability in Netgear Nighthawk R6700 Router,"The Netgear Nighthawk R6700 router version 1.0.4.120 is impacted by a vulnerability involving hardcoded credentials that allow potential attackers to exploit configuration backups. Although these backups are encrypted and intended for internal use only, malicious users can utilize commonly available tools to extract and manipulate these configurations. This manipulation can lead to unauthorized changes, posing significant security risks to the router's settings and overall network integrity.",Netgear,Netgear Nighthawk R6700,8.8,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2021-12-30T21:31:20.000Z,0