{"containers": {"cna": {"affected": [{"product": "Netgear Nighthawk R6700", "vendor": "n/a", "versions": [{"status": "affected", "version": "1.0.4.120"}]}], "descriptions": [{"lang": "en", "value": "Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device."}], "problemTypes": [{"descriptions": [{"description": "Plaintext Password Storage", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-30T21:31:21", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.tenable.com/security/research/tra-2021-57"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnreport@tenable.com", "ID": "CVE-2021-45077", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Netgear Nighthawk R6700", "version": {"version_data": [{"version_value": "1.0.4.120"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Plaintext Password Storage"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/research/tra-2021-57", "refsource": "MISC", "url": "https://www.tenable.com/security/research/tra-2021-57"}]}}}}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2021-45077", "datePublished": "2021-12-30T21:31:21", "dateReserved": "2021-12-30T00:00:00", "dateUpdated": "2021-12-30T21:31:21", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netgear:r6700_firmware:1.0.4.120:*:*:*:*:*:*:*", "matchCriteriaId": "AA1C8A12-2DF8-4414-ACAF-9AC869331CE9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*", "matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device."}, {"lang": "es", "value": "Netgear Nighthawk R6700 versi\u00f3n 1.0.4.120, almacena informaci\u00f3n confidencial en texto plano. Todos los nombres de usuario y las contrase\u00f1as de los servicios asociados al dispositivo se almacenan en texto plano en el dispositivo. Por ejemplo, la contrase\u00f1a de administrador es almacenada en texto plano en el archivo de configuraci\u00f3n principal del dispositivo."}], "id": "CVE-2021-45077", "lastModified": "2022-07-12T17:42:04.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-30T22:15:10.007", "references": [{"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2021-57"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}