Skip to main content
CVE-2021-20173 HIGH POC This Week

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2021-20165 HIGH POC This Week

Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Tew 827Dru Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-20160 HIGH POC This Week

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb functionality of the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2021-20159 HIGH POC This Week

Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD
CVSS 3.1
8.8
EPSS
3.4%
CVE-2021-20132 HIGH POC This Week

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Authentication Bypass Dir 2640 Us Firmware
NVD
CVSS 3.1
8.8
EPSS
4.3%
CVE-2021-20134 HIGH POC This Week

Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated attacker to set an arbitrary file. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

D-Link RCE Path Traversal Dir 2640 Us Firmware
NVD
CVSS 3.1
8.4
EPSS
7.5%
CVE-2021-20167 HIGH POC This Week

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rax43 Firmware
NVD
CVSS 3.1
8.0
EPSS
8.5%
CVE-2021-20172 HIGH POC This Week

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Netgear Apple Privilege Escalation Genie Installer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-4190 HIGH POC This Week

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2021-4186 HIGH POC This Week

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Fedora
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-4185 HIGH POC This Week

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux Http Server +1
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-4184 HIGH POC This Week

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark Fedora Debian Linux Http Server +1
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2021-4182 HIGH POC PATCH This Week

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Wireshark Fedora Http Server Zfs Storage Appliance Kit
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2021-4181 HIGH POC This Week

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Wireshark Fedora +3
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2021-20157 HIGH POC This Week

It is possible for an unauthenticated, malicious user to force the device to reboot due to a hidden administrative command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tew 827Dru Firmware
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-4188 HIGH POC PATCH This Week

mruby is vulnerable to NULL Pointer Dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Mruby
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-45732 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-20170 HIGH This Week

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-20166 HIGH This Week

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax43 Firmware
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-45379 HIGH PATCH This Week

Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Glewlwyd
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2021-45077 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20175 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20174 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20154 HIGH This Week

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tew 827Dru Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2021-44466 HIGH PATCH This Week

Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Bitmask Riseup Vpn
NVD
CVSS 3.1
7.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy