Vulnerabilities > Netgear > R6700 Firmware > 1.0.4.120
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-30 | CVE-2021-20173 | OS Command Injection vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. | 6.5 |
2021-12-30 | CVE-2021-20174 | Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. | 5.0 |
2021-12-30 | CVE-2021-20175 | Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. | 5.0 |
2021-12-30 | CVE-2021-23147 | Improper Authentication vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. | 7.2 |
2021-12-30 | CVE-2021-45077 | Cleartext Storage of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. | 5.0 |
2021-12-30 | CVE-2021-45732 | Use of Hard-coded Credentials vulnerability in Netgear R6700 Firmware 1.0.4.120 Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. | 6.5 |