Skip to main content

Ms510Txm Firmware

6 CVEs product

Monthly

CVE-2021-45557 HIGH PATCH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Command Injection Gc108P Firmware Gc108Pp Firmware Gs108Tv3 Firmware +17
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-45556 HIGH PATCH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Command Injection Gs108Tv2 Firmware Gs110Tpp Firmware Gs110Tpv2 Firmware +11
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-41314 HIGH POC THREAT This Week

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Code Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
8.8
EPSS
13.6%
CVE-2021-40867 HIGH POC This Week

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process. Rated high severity (CVSS 7.1). Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
7.1
EPSS
1.4%
CVE-2021-40866 HIGH POC This Week

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-33514 CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +14
NVD
CVSS 3.1
9.8
EPSS
8.8%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Command Injection Gc108P Firmware +19
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Command Injection Gs108Tv2 Firmware +13
NVD
EPSS 14% CVSS 8.8
HIGH POC THREAT This Week

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Code Injection Gc108P Firmware +19
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process. Rated high severity (CVSS 7.1). Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Gc108P Firmware +19
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Gc108P Firmware +19
NVD
EPSS 9% CVSS 9.8
CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware +16
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy