Severity
Medium
Analysis Summary
CVE-2021-34870
Multiple NETGEAR XR1000 could allow a remote attacker to obtain sensitive information, caused by missing authentication in SOAPAction when processing SOAP messages. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information
Impact
- Information Theft
Affected Vendors
NETGEAR
Affected Products
- NETGEAR XR1000
Remediation
Refer to NETGEAR Security Advisory for the patch, upgrade, or suggested workaround information.
Refer to NETGEAR Security Advisory: PSV-2021-0101 for the patch, upgrade, or suggested workaround information.