CVE-2020-27873 – This vulnerability allows network-adjacent attackers to disclose sensitive information on …

4 February 2021

Vuln ID: CVE-2020-27873

Published: 2021-02-04 17:15:13Z

Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11559.

Source: NVD.NIST.GOV

Date:

4 February 2021

Categorie(s):

NVD

Tag(s):

NVD

Understanding Email Threats with Cloudflare Radar3 May 2024
Vulnerability Scanning vs. Penetration Testing3 May 2024
Gurucul REVEAL empowers organizations with full control over data3 May 2024
Germany says Russians behind ‘intolerable’ cyber-attack last year3 May 2024
U.S. Govt Warns of Massive Social Engineering Attack from North Korean Hackers3 May 2024