CVE-2022-41545

{"id": "CVE-2022-41545", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.5}]}, "published": "2025-02-18T18:15:13.450", "references": [{"url": "https://seclists.org/fulldisclosure/2025/Feb/12", "source": "cve@mitre.org"}, {"url": "https://www.netgear.com/about/security/", "source": "cve@mitre.org"}, {"url": "https://www.netgear.com/images/datasheet/networking/cablemodems/C7800.pdf", "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2025/Feb/12", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-319"}]}], "descriptions": [{"lang": "en", "value": "The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and possibly others) authenticates users via basic authentication, with an HTTP header containing a base64 value of the plaintext username and password. Because the web server also does not utilize transport security by default, this renders the administrative credentials vulnerable to eavesdropping by an adversary during every authenticated request made by a client to the router over a WLAN, or a LAN, should the adversary be able to perform a man-in-the-middle attack."}, {"lang": "es", "value": "La interfaz web administrativa de NetGear C7800 router con la versi\u00f3n de firmware 6.01.07 (y posiblemente otras) autentica a los usuarios mediante autenticaci\u00f3n b\u00e1sica, con un encabezado HTTP que contiene un valor base64 del nombre de usuario y la contrase\u00f1a en texto plano. Debido a que el servidor web tampoco utiliza seguridad de transporte de manera predeterminada, esto hace que las credenciales administrativas sean vulnerables a escuchas clandestinas por parte de un adversario durante cada solicitud autenticada que realiza un cliente al router a trav\u00e9s de una red inal\u00e1mbrica (WLAN) o una red local (LAN), en caso de que el adversario pueda realizar un ataque de intermediario."}], "lastModified": "2025-03-20T17:15:36.803", "sourceIdentifier": "cve@mitre.org"}