RAX43
by Netgear
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-0410 | Low | 0.12 | — | — | Jun 9, 2026 | Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality. | ||
| CVE-2021-20167 | 0.07 | — | 0.85 | Dec 30, 2021 | Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. | |||
| CVE-2021-20166 | 0.05 | — | 0.64 | Dec 30, 2021 | Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton. | |||
| CVE-2025-12946 | 0.00 | — | 0.00 | Dec 9, 2025 | A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are… | |||
| CVE-2021-20169 | 0.00 | — | 0.00 | Dec 30, 2021 | Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext. | |||
| CVE-2021-20168 | 0.00 | — | 0.00 | Dec 30, 2021 | Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection, login with default credentials, and execute commands as the root user.… | |||
| CVE-2021-20171 | 0.00 | — | 0.00 | Dec 30, 2021 | Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the… | |||
| CVE-2021-20170 | 0.00 | — | 0.00 | Dec 30, 2021 | Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a… |
- risk 0.12cvss —epss —
Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.
- CVE-2021-20167Dec 30, 2021risk 0.07cvss —epss 0.85
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter.
- CVE-2021-20166Dec 30, 2021risk 0.05cvss —epss 0.64
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton.
- CVE-2025-12946Dec 9, 2025risk 0.00cvss —epss 0.00
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques (MiTM) to manipulate DNS responses and execute commands when speedtests are…
- CVE-2021-20169Dec 30, 2021risk 0.00cvss —epss 0.00
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information (such as usernames and passwords) to be transmitted in cleartext.
- CVE-2021-20168Dec 30, 2021risk 0.00cvss —epss 0.00
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection, login with default credentials, and execute commands as the root user.…
- CVE-2021-20171Dec 30, 2021risk 0.00cvss —epss 0.00
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the…
- CVE-2021-20170Dec 30, 2021risk 0.00cvss —epss 0.00
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a…