Vulnerability in Netgear Rax43
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished vi…
EPSS: 0.005 (39.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Netgear Rax43
- Netgear Rax43_firmware — versions 1.0.3.96
- N/a Netgear Rax43 — versions 1.0.3.96
Weakness classification (CWE)
References
- vulnreport@tenable.com (Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-20170?
- CVE-2021-20170 is a high-severity vulnerability in Netgear Rax43, classified under Use of Hard-coded Credentials. CVSS score: 8.8/10. Published 2021-12-30.
- How severe is CVE-2021-20170?
- High severity. CVSS v3 base score is 8.8 out of 10.