Skip to main content

Dgn2200 Firmware

9 CVEs product

Monthly

CVE-2025-12944 MEDIUM This Month

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Dgn2200 Firmware
NVD
CVSS 4.0
6.8
EPSS
0.1%
CVE-2024-57046 HIGH POC THREAT Act Now

Netgear DGN2200 router firmware v1.0.0.46 and earlier contains an authentication bypass. By appending ?x=1.gif to any URL, the router's authentication check is fooled into treating the request as an image file, granting unauthenticated access to all management functions including configuration and firmware management.

Netgear Authentication Bypass Dgn2200 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
62.4%
Threat
5.1
CVE-2021-45550 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection D3600 Firmware D6000 Firmware D6100 Firmware +25
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2021-38534 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware D6000 Firmware D6100 Firmware +40
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38516 CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware D6400 Firmware D7000 Firmware +56
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-38514 LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware D6000 Firmware D6100 Firmware +71
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2020-35785 HIGH This Week

NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication (aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Dgn2200 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-17373 CRITICAL Act Now

Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Mbr1515 Firmware Mbr1516 Firmware Dgn2200 Firmware +7
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2017-6366 HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE CSRF Netgear Dgn2200 Firmware
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
0.2%
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netgear Dgn2200 Firmware
NVD
EPSS 62% 5.1 CVSS 8.8
HIGH POC THREAT Act Now

Netgear DGN2200 router firmware v1.0.0.46 and earlier contains an authentication bypass. By appending ?x=1.gif to any URL, the router's authentication check is fooled into treating the request as an image file, granting unauthenticated access to all management functions including configuration and firmware management.

Netgear Authentication Bypass Dgn2200 Firmware
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection D3600 Firmware +27
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware +42
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware +58
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware +73
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication (aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365). Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Dgn2200 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Mbr1515 Firmware +9
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE CSRF Netgear +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy