Filtered by vendor Netgear
Subscribe
Total
1316 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45524 | 1 Netgear | 2 R8000, R8000 Firmware | 2024-11-21 | 9.0 HIGH | 7.6 HIGH |
|
NETGEAR R8000 devices before 1.0.4.62 are affected by a buffer overflow by an authenticated user.
|
|||||
| CVE-2021-45523 | 1 Netgear | 2 R7000, R7000 Firmware | 2024-11-21 | 6.8 MEDIUM | 5.7 MEDIUM |
|
NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflow by an authenticated user.
|
|||||
| CVE-2021-45522 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 7.5 HIGH | 6.1 MEDIUM |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password.
|
|||||
| CVE-2021-45521 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
|
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.
|
|||||
| CVE-2021-45520 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.
|
|||||
| CVE-2021-45519 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
|
|||||
| CVE-2021-45518 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
|
|||||
| CVE-2021-45517 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
|
|||||
| CVE-2021-45516 | 1 Netgear | 16 R6400, R6400 Firmware, R6900p and 13 more | 2024-11-21 | 2.7 LOW | 6.9 MEDIUM |
|
Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R8000 before 1.0.4.74, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11.
|
|||||
| CVE-2021-45515 | 1 Netgear | 24 Ex7500, Ex7500 Firmware, Rbk752 and 21 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
Certain NETGEAR devices are affected by denial of service. This affects EX7500 before 1.0.0.72, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, RBRE960 before 6.0.3.68, RBSE960 before 6.0.3.68, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
|
|||||
| CVE-2021-45514 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.
|
|||||
| CVE-2021-45513 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.
|
|||||
| CVE-2021-45512 | 1 Netgear | 42 D7000, D7000 Firmware, D8500 and 39 more | 2024-11-21 | 7.5 HIGH | 8.6 HIGH |
|
Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before 1.0. ...
Show More |
|||||
| CVE-2021-45511 | 1 Netgear | 34 Ac2100, Ac2100 Firmware, Ac2400 and 31 more | 2024-11-21 | 10.0 HIGH | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000 before 2021-08-27, R6220 before 2021-08-27, R6230 before 2021-08-27, R6260 before 2021-08-27, R6330 before 2021-08-27, R6350 before 2021-08-27, R6700v2 before 2021-08-27, R6800 before 2021-08-27, R6850 before 2021-08-27, R6900v2 before 2021-08-27, R7200 before 2021-08-27, R7350 before 2021-08-27, R7400 before 2021-08-27, and R7450 before ...
Show More |
|||||
| CVE-2021-45510 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.2 HIGH |
|
NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.
|
|||||
| CVE-2021-45509 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 7.5 HIGH | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
|
|||||
| CVE-2021-45508 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Cbr750 and 11 more | 2024-11-21 | 7.5 HIGH | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, and RBR850 before 3.2.17.12.
|
|||||
| CVE-2021-45507 | 1 Netgear | 20 Cbr40, Cbr40 Firmware, Cbr750 and 17 more | 2024-11-21 | 7.5 HIGH | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBW30 before 2.6.2.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBS40V before 2.6.2.8.
|
|||||
| CVE-2021-45506 | 1 Netgear | 14 Cbr750, Cbr750 Firmware, Rbk752 and 11 more | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
|
|||||
| CVE-2021-45505 | 1 Netgear | 14 Cbr750, Cbr750 Firmware, Rbk752 and 11 more | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
|
|||||
| CVE-2021-45504 | 1 Netgear | 10 Cbr40, Cbr40 Firmware, Cbr750 and 7 more | 2024-11-21 | 7.5 HIGH | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBR852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
|
|||||
| CVE-2021-45503 | 1 Netgear | 14 Cbr750, Cbr750 Firmware, Rbk752 and 11 more | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
|
|||||
| CVE-2021-45502 | 1 Netgear | 14 Cbr750, Cbr750 Firmware, Rbk752 and 11 more | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
|
|||||
| CVE-2021-45501 | 1 Netgear | 38 Ac2400, Ac2400 Firmware, Ac2600 and 35 more | 2024-11-21 | 10.0 HIGH | 9.4 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before 1.0.1.82, R6020 before 1.0.0.52, R6080 before 1.0.0.52, R6120 before 1.0.0.80, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 before 1.1.0.84, R6350 before 1.1.0.84, R6700v2 before 1.1.0.84, R6800 before 1.1.0.84, R6850 before 1.1.0.84, R6900v2 before 1.1.0.84, R7200 before 1.1.0.84, R7350 before 1.1.0.84, R7400 before 1.1.0.84, an ...
Show More |
|||||
| CVE-2021-45500 | 1 Netgear | 4 R7000p, R7000p Firmware, R8000 and 1 more | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
|
Certain NETGEAR devices are affected by authentication bypass. This affects R7000P before 1.3.3.140 and R8000 before 1.0.4.68.
|
|||||
| CVE-2021-45499 | 1 Netgear | 14 R6900p, R6900p Firmware, R7000p and 11 more | 2024-11-21 | 6.5 MEDIUM | 8.2 HIGH |
|
Certain NETGEAR devices are affected by authentication bypass. This affects R6900P before 1.3.3.140, R7000P before 1.3.3.140, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000P before 1.4.2.84, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106.
|
|||||
| CVE-2021-45498 | 1 Netgear | 2 R6700v2, R6700v2 Firmware | 2024-11-21 | 10.0 HIGH | 6.5 MEDIUM |
|
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass.
|
|||||
| CVE-2021-45497 | 1 Netgear | 2 D7000, D7000 Firmware | 2024-11-21 | 10.0 HIGH | 9.4 CRITICAL |
|
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
|
|||||
| CVE-2021-45496 | 1 Netgear | 2 D7000, D7000 Firmware | 2024-11-21 | 10.0 HIGH | 9.1 CRITICAL |
|
NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass.
|
|||||
| CVE-2021-45495 | 1 Netgear | 2 D7000, D7000 Firmware | 2024-11-21 | 10.0 HIGH | 6.5 MEDIUM |
|
NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass.
|
|||||
| CVE-2021-45494 | 1 Netgear | 6 Rbk352, Rbk352 Firmware, Rbr350 and 3 more | 2024-11-21 | 2.7 LOW | 8.4 HIGH |
|
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.
|
|||||
| CVE-2021-45493 | 1 Netgear | 6 Rax35, Rax35 Firmware, Rax38 and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.6 HIGH |
|
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102.
|
|||||
| CVE-2021-45077 | 1 Netgear | 2 R6700, R6700 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device.
|
|||||
| CVE-2021-44262 | 1 Netgear | 6 Mbr1517, Mbr1517 Firmware, Wac104 and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information for the device.
|
|||||
| CVE-2021-44261 | 1 Netgear | 10 R6220, R6220 Firmware, R6900 and 7 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes firmware version information for the device.
|
|||||
| CVE-2021-41449 | 1 Netgear | 6 Rax35, Rax35 Firmware, Rax38 and 3 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet.
|
|||||
| CVE-2021-41383 | 1 Netgear | 2 R6020, R6020 Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field.
|
|||||
| CVE-2021-41314 | 1 Netgear | 40 Gc108p, Gc108p Firmware, Gc108pp and 37 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
|
Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or overwrite) a file with specific content (e.g., the "2" string). This leads to admin session crafting and therefore gaining full web UI admin privileges by an unauthenticated attacker. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 ...
Show More |
|||||
| CVE-2021-40867 | 1 Netgear | 40 Gc108p, Gc108p Firmware, Gc108pp and 37 more | 2024-11-21 | 5.4 MEDIUM | 7.8 HIGH |
|
Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in (e.g., behind the same NAT device, or already in possession of a foothold on an admin's machine). This occurs because the multi-step HTTP authentication process is effectively tied only to the source IP address. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before ...
Show More |
|||||
| CVE-2021-40866 | 1 Netgear | 40 Gc108p, Gc108p Firmware, Gc108pp and 37 more | 2024-11-21 | 5.4 MEDIUM | 9.8 CRITICAL |
|
Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8.2, GC108PP before 1.0.8.2, GS108Tv3 before 7.0.7.2, GS110TPP before 7.0.7.2, GS110TPv3 before 7.0.7.2, GS110TUP before 1.0.5.3, GS308T before 1.0.3.2, GS310TP before 1.0.3.2, GS710TUP before 1.0.5.3, G ...
Show More |
|||||