CVE-2021-20169

Name of the Vulnerable Software and Affected Versions Netgear RAX43 version 1.0.3.96

Description The issue is related to the transmission of data in cleartext through the web interface of the affected device. This could allow an attacker to impact the confidentiality, integrity, and availability of protected information using HTTP requests. The device communicates via HTTP by default, which results in sensitive information, such as usernames and passwords, being transmitted in cleartext.

Recommendations For Netgear RAX43 version 1.0.3.96, consider configuring the device to use secure communication protocols, such as HTTPS, to protect sensitive information transmitted to and from the web interface. As a temporary workaround, restrict access to the web interface to minimize the risk of exploitation.