Skip to main content
CVE-2021-45608 CRITICAL POC PATCH Act Now

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Netgear RCE D-Link Integer Overflow TP-Link +4
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-45511 CRITICAL POC PATCH THREAT Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Ac2100 Firmware Ac2400 Firmware Ac2600 Firmware +14
NVD
CVSS 3.1
9.8
EPSS
17.6%
CVE-2021-4168 HIGH POC PATCH This Week

showdoc is vulnerable to Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Showdoc
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-45720 HIGH POC PATCH This Week

An issue was discovered in the lru crate before 0.7.1 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Lru
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45719 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45718 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45717 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45716 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45715 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45714 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45713 HIGH POC PATCH This Week

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Rusqlite
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-45712 HIGH POC PATCH This Week

An issue was discovered in the rust-embed crate before 6.3.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Rust Embed
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-44598 MEDIUM POC This Month

Attendance Management System 1.0 is affected by a Cross Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Attendance Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-4169 MEDIUM POC PATCH This Month

livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Live Helper Chat
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-45678 CRITICAL Act Now

NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax200 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-45658 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by server-side injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Code Injection D7800 Firmware Dm200 Firmware Ex2700 Firmware +29
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-45645 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Information Disclosure Rbs50Y Firmware Srk60 Firmware Srr60 Firmware +5
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2021-45644 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Information Disclosure Ac2100 Firmware Ac2400 Firmware Ac2600 Firmware +13
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-45638 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption D6220 Firmware D6400 Firmware +12
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-45637 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption R6260 Firmware R6800 Firmware +6
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-45630 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Rbk752 Firmware +5
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-45627 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Command Injection Cbr750 Firmware Rbk852 Firmware Rbr850 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-45625 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Command Injection Xr300 Firmware R7000P Firmware R6900P Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-45624 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Command Injection D7000V2 Firmware D8500 Firmware R7000 Firmware +8
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-45623 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Command Injection R7800 Firmware R9000 Firmware Xr500 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-45622 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +37
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-45621 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +45
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45620 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +39
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45619 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Ex6250 Firmware Ex7700 Firmware Ex8000 Firmware +39
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-45618 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7800 Firmware Ex6200V2 Firmware Ex6250 Firmware +33
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45617 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Eax20 Firmware Eax80 Firmware +30
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-45616 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr750 Firmware Lax20 Firmware Mk62 Firmware +29
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45614 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7000V2 Firmware Lax20 Firmware Mk62 Firmware +19
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45613 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware D7000V2 Firmware +23
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45612 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +36
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-45611 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Netgear Dc112A Firmware R6400 Firmware R8300 Firmware +6
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-45610 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Netgear D6220 Firmware D6400 Firmware D7000V2 Firmware +25
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-45609 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Netgear D8500 Firmware R6250 Firmware R7000 Firmware +7
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-45527 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Netgear Rbk752 Firmware Rbr750 Firmware Rbs750 Firmware +33
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-45512 CRITICAL Act Now

Certain NETGEAR devices are affected by weak cryptography. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D7000 Firmware D8500 Firmware Ex3700 Firmware +18
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2021-45509 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Cbr40 Firmware Rbk752 Firmware Rbr750 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-45508 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Cbr40 Firmware Cbr750 Firmware Rbk752 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-45507 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Cbr40 Firmware Cbr750 Firmware Rbw30 Firmware +7
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-45504 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Cbr40 Firmware Cbr750 Firmware Rbr850 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-45501 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Ac2400 Firmware Ac2600 Firmware D7000 Firmware +16
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-45498 CRITICAL PATCH Act Now

NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass R6700V2 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-45497 CRITICAL PATCH Act Now

NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass D7000 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-45496 CRITICAL PATCH Act Now

NETGEAR D7000 devices before 1.0.1.82 are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass D7000 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-45495 CRITICAL PATCH Act Now

NETGEAR D7000 devices before 1.0.1.68 are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass D7000 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-45513 CRITICAL Act Now

NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Xr1000 Firmware
NVD
CVSS 3.1
9.6
EPSS
0.8%
Page 1 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy