{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T14:23:36.058","vulnerabilities":[{"cve":{"id":"CVE-2021-20173","sourceIdentifier":"vulnreport@tenable.com","published":"2021-12-30T22:15:09.760","lastModified":"2024-11-21T05:46:03.893","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. By triggering a system update check via the SOAP interface, the device is susceptible to command injection via preconfigured values."},{"lang":"es","value":"Netgear Nighthawk R6700 versión 1.0.4.120, contiene una vulnerabilidad de inyección de comandos en la funcionalidad update del dispositivo. Al desencadenar una comprobación de actualización del sistema por medio de la interfaz SOAP, el dispositivo es susceptible a una inyección de comandos por medio de valores preconfigurados.\n"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6700_firmware:1.0.4.120:*:*:*:*:*:*:*","matchCriteriaId":"AA1C8A12-2DF8-4414-ACAF-9AC869331CE9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*","matchCriteriaId":"21B27F11-4262-4CE1-8107-B365A7C152F2"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2021-57","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2021-57","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}