Skip to main content

Gs108T Firmware

5 CVEs product

Monthly

CVE-2021-45677 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Gs108T Firmware Gs110Tp Firmware
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-41314 HIGH POC THREAT This Week

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Code Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
8.8
EPSS
13.6%
CVE-2021-40867 HIGH POC This Week

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process. Rated high severity (CVSS 7.1). Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
7.1
EPSS
1.4%
CVE-2021-40866 HIGH POC This Week

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-33514 CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +14
NVD
CVSS 3.1
9.8
EPSS
8.8%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS Gs108T Firmware +1
NVD
EPSS 14% CVSS 8.8
HIGH POC THREAT This Week

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Code Injection Gc108P Firmware +19
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process. Rated high severity (CVSS 7.1). Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Gc108P Firmware +19
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Gc108P Firmware +19
NVD
EPSS 9% CVSS 9.8
CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware +16
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy