CVE-2021-45649
HIGHNETGEAR R6400v2/R6700v3/R7000/R6900P/R7000P Firmware - Unauthenticated Sensitive Information Exposure
Title source: llmDescription
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://kb.netgear.com/000064073/Security-Advisory-for-Sensitive-Information-Disclosure-on-Some-Routers-PSV-2019-0123
Scores
CVSS v3
7.9
EPSS
0.0011
EPSS Percentile
28.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Details
CWE
CWE-200
Status
published
Products (5)
netgear/r6400v2_firmware
< 1.0.4.84
netgear/r6700v3_firmware
< 1.0.4.84
netgear/r6900p_firmware
< 1.3.2.126
netgear/r7000_firmware
< 1.0.11.126
netgear/r7000p_firmware
< 1.3.2.126
Published
Dec 26, 2021
Tracked Since
Feb 18, 2026