Netgear C7800 Router Administrative Interface Cleartext Credential Transmission Vulnerability
Vulnerability
A vulnerability exists in the administrative web interface of the Netgear C7800 router, specifically in firmware version 6.01.07, and potentially other versions. The router uses HTTP basic authentication, which sends the username and password base64-encoded in an HTTP header; base64 is a reversible encoding, not encryption. Compounding this issue, the web server does not enforce transport security by default, so administrative credentials are exposed to interception during authenticated requests over Wi-Fi or a local area network, especially if an attacker can execute a man-in-the-middle attack.
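The check below is an added example, not part of the original advisory or any Netgear code: it audits a captured HTTP request and reports when Basic credentials crossed the wire without TLS, masking the password in the finding. The sample request (host, path, credentials) and the function names are constructed for illustration.

```python
import base64

# Constructed sample: a request to a router admin page as seen on the wire
# over plain HTTP. Host, path and credentials are made up for this example.
SAMPLE_REQUEST = (
    "GET /index.htm HTTP/1.1\r\n"
    "Host: 192.168.0.1\r\n"
    "Authorization: Basic " + base64.b64encode(b"admin:Example-Passw0rd").decode() + "\r\n"
    "\r\n"
)


def parse_headers(raw_request):
    """Return the request headers as a dict with lower-cased names."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def audit_request(raw_request, over_tls):
    """Flag Basic credentials that travel without transport encryption.

    Returns None when there is nothing to report, otherwise a finding that
    names the account but masks the password so the report holds no secret.
    """
    auth = parse_headers(raw_request).get("authorization", "")
    scheme, _, token = auth.partition(" ")
    if scheme.lower() != "basic" or over_tls:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
        user, password = decoded.split(":", 1)
    except ValueError:  # bad base64, bad UTF-8 or no ':' separator
        return {"issue": "malformed Basic credentials over cleartext HTTP"}
    return {
        "issue": "Basic credentials recoverable from cleartext HTTP",
        "username": user,
        "password_length": len(password),  # decoding needed no key at all
    }


if __name__ == "__main__":
    print(audit_request(SAMPLE_REQUEST, over_tls=False))
```
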
Impact
Exploitation of this vulnerability allows for the interception of administrative credentials, which could be used to gain unauthorized access to the router's administrative interface.
