Skip to main content

Netgear

748 CVEs vendor

Monthly

CVE-2021-37572 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Mediatek Authentication Bypass Mt7603E Firmware Mt7613 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-37571 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +6
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-37570 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-37569 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +6
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-37568 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +6
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-37567 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-37566 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +8
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-37565 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-37564 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-37563 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +9
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-37562 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +9
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-37561 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +9
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-37560 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +9
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-35055 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Memory Corruption Mt7603E Firmware +9
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-32469 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +9
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-32468 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +9
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-32467 HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear Information Disclosure Mt7603E Firmware +8
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-41449 HIGH This Week

A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information,. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Netgear Path Traversal Rax35 Firmware Rax38 Firmware Rax40 Firmware
NVD VulDB
CVSS 3.1
7.1
EPSS
1.7%
CVE-2021-34991 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE Ex3700 Firmware +43
NVD
CVSS 3.1
8.8
EPSS
5.7%
CVE-2021-40847 HIGH POC THREAT This Week

The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear RCE R6400V2 Firmware R6700 Firmware R6700V3 Firmware +8
NVD
CVSS 3.1
8.1
EPSS
10.1%
CVE-2021-41383 HIGH POC This Week

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6020 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2021-41314 HIGH POC THREAT This Week

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Code Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
8.8
EPSS
13.6%
CVE-2021-40867 HIGH POC This Week

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process. Rated high severity (CVSS 7.1). Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
7.1
EPSS
1.4%
CVE-2021-40866 HIGH POC This Week

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +17
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-38539 HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation D8500 Firmware R6400 Firmware R6700 Firmware +9
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-38538 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear XSS D7800 Firmware R7800 Firmware R8900 Firmware +12
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2021-38537 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +15
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-38536 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +16
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38535 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +16
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38534 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware D6000 Firmware D6100 Firmware +40
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38533 MEDIUM This Month

NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS Rax40 Firmware
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-38532 HIGH This Week

NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure Wac104 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2021-38531 HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware R6020 Firmware +9
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2021-38530 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk40 Firmware Rbr40 Firmware Rbs40 Firmware +7
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-38529 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7800 Firmware R7800 Firmware R8900 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-38528 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D8500 Firmware R6900P Firmware R7000P Firmware +3
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-38527 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Ex6100 Firmware Ex6150 Firmware +31
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-38526 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax35 Firmware Rax38 Firmware Rax40 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-38525 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption D3600 Firmware D6000 Firmware +24
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-38524 MEDIUM This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Mk62 Firmware Mr60 Firmware +11
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2021-38523 HIGH This Week

NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R6400 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2021-38522 HIGH This Week

NETGEAR R6400 devices before 1.0.1.52 are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R6400 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2021-38521 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware R7900P Firmware R8000P Firmware +2
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2021-38520 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware R6700 Firmware R6900 Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2021-38519 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6250 Firmware R6300 Firmware R6400 Firmware +11
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-38518 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Rax200 Firmware Rax75 Firmware Rax80 Firmware +3
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-38517 HIGH This Week

Certain NETGEAR devices are affected by out-of-bounds reads and writes. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Information Disclosure R6400 Firmware Rax75 Firmware +2
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2021-38516 CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware D6400 Firmware D7000 Firmware +56
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-38515 HIGH This Week

Certain NETGEAR devices are affected by denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service R6400 Firmware R6700 Firmware R7900 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-38514 LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware D6000 Firmware D6100 Firmware +71
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2021-38513 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbk852 Firmware Rbr850 Firmware Rbs850 Firmware +8
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-32122 HIGH This Week

Certain NETGEAR devices are affected by CSRF. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

CSRF Netgear Ex3700 Firmware Ex3800 Firmware Ex6120 Firmware +1
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2021-35973 CRITICAL POC Act Now

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Wac104 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2021-33514 CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware Gc108Pp Firmware Gs108T Firmware +14
NVD
CVSS 3.1
9.8
EPSS
8.8%
CVE-2021-31802 HIGH POC THREAT This Week

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear Memory Corruption File Upload R7000 Firmware
NVD
CVSS 3.1
8.8
EPSS
14.2%
CVE-2021-27253 HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Netgear RCE Br200 Firmware +42
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-27252 HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Netgear RCE Command Injection Br200 Firmware Br500 Firmware +41
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-27251 HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Netgear RCE Br200 Firmware Br500 Firmware D7800 Firmware +40
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-27276 HIGH This Week

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Path Traversal Prosafe Network Management System
NVD
CVSS 3.1
7.1
EPSS
72.5%
CVE-2021-27275 HIGH This Week

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Path Traversal Prosafe Network Management System
NVD
CVSS 3.1
8.3
EPSS
73.3%
CVE-2021-27274 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear RCE File Upload Prosafe Network Management System
NVD
CVSS 3.1
9.8
EPSS
8.2%
CVE-2021-27273 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear RCE Command Injection Prosafe Network Management System
NVD
CVSS 3.1
8.8
EPSS
65.0%
CVE-2021-27272 HIGH This Week

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Path Traversal Prosafe Network Management System
NVD
CVSS 3.1
7.1
EPSS
73.8%
CVE-2021-27239 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE D6220 Firmware +34
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-29082 HIGH This Week

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbw30 Firmware Rbs40V Firmware Rbk752 Firmware +10
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-29081 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Rbw30 Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2021-29080 HIGH This Week

Certain NETGEAR devices are affected by password reset by an unauthenticated attacker. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbk852 Firmware Rbk853 Firmware Rbr854 Firmware +13
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-29079 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
9.6
EPSS
0.7%
CVE-2021-29078 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +8
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-29077 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbw30 Firmware Rbs40V Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-29076 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-29075 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Rbw30 Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2021-29074 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption Rbw30 Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
8.4
EPSS
0.4%
CVE-2021-29073 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R8000P Firmware Mk62 Firmware +11
NVD
CVSS 3.1
8.4
EPSS
0.3%
CVE-2021-29072 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2021-29071 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated critical severity (CVSS 9.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +8
NVD
CVSS 3.1
9.0
EPSS
0.7%
CVE-2021-29070 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2021-29069 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Xr450 Firmware Xr500 Firmware Wnr2000V5 Firmware
NVD
CVSS 3.1
8.4
EPSS
0.5%
CVE-2021-29068 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear R6700 Firmware R6400 Firmware R7000 Firmware +77
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-29067 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbw30 Firmware Rbs40V Firmware Rbk852 Firmware +10
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2021-29066 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbk852 Firmware Rbk853 Firmware Rbk854 Firmware +2
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2021-29065 CRITICAL Act Now

NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbr850 Firmware
NVD
CVSS 3.1
9.6
EPSS
0.6%
CVE-2021-27257 MEDIUM PATCH This Month

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear RCE Br200 Firmware Br500 Firmware D7800 Firmware +40
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2021-27256 HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Netgear RCE Command Injection Br200 Firmware Br500 Firmware +41
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-27255 HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Netgear RCE Authentication Bypass Br200 Firmware Br500 Firmware +41
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-27254 HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Netgear RCE Authentication Bypass Br200 Firmware Br500 Firmware +41
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-35842 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware D7000 Firmware Jnr1010V2 Firmware +11
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-35841 HIGH This Week

Certain NETGEAR devices are affected by stored XSS. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware D7000 Firmware Jnr1010V2 Firmware +15
NVD
CVSS 3.1
7.6
EPSS
0.6%
CVE-2020-35840 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware D7000 Firmware Jnr1010V2 Firmware +11
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-35839 HIGH This Week

Certain NETGEAR devices are affected by Stored XSS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500V2 Firmware R7800 Firmware +5
NVD
CVSS 3.1
8.1
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Mediatek Authentication Bypass +7
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +10
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +8
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 8.8
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +11
NVD
EPSS 1% CVSS 7.5
HIGH This Week

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mediatek Netgear +10
NVD
EPSS 2% CVSS 7.1
HIGH This Week

A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information,. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Netgear Path Traversal Rax35 Firmware +2
NVD VulDB
EPSS 6% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +45
NVD
EPSS 10% CVSS 8.1
HIGH POC THREAT This Week

The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear RCE R6400V2 Firmware +10
NVD
EPSS 2% CVSS 7.2
HIGH POC This Week

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6020 Firmware
NVD
EPSS 14% CVSS 8.8
HIGH POC THREAT This Week

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Code Injection Gc108P Firmware +19
NVD
EPSS 1% CVSS 7.1
HIGH POC This Week

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process. Rated high severity (CVSS 7.1). Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Gc108P Firmware +19
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Information Disclosure Gc108P Firmware +19
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation D8500 Firmware +11
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear XSS D7800 Firmware +14
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +17
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +18
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +18
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware +42
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS Rax40 Firmware
NVD
EPSS 1% CVSS 7.2
HIGH This Week

NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure Wac104 Firmware
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware +11
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk40 Firmware +9
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7800 Firmware +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D8500 Firmware +5
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +33
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax35 Firmware +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +26
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +13
NVD
EPSS 1% CVSS 7.2
HIGH This Week

NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

NETGEAR R6400 devices before 1.0.1.52 are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware +4
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware +3
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6250 Firmware +13
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection Rax200 Firmware +5
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by out-of-bounds reads and writes. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Information Disclosure +4
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware +58
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Certain NETGEAR devices are affected by denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service R6400 Firmware +3
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware +73
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbk852 Firmware +10
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Certain NETGEAR devices are affected by CSRF. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

CSRF Netgear Ex3700 Firmware +3
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Wac104 Firmware
NVD
EPSS 9% CVSS 9.8
CRITICAL POC Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection Gc108P Firmware +16
NVD
EPSS 14% CVSS 8.8
HIGH POC THREAT This Week

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Netgear Memory Corruption +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow Netgear +44
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Netgear RCE Command Injection +43
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Netgear RCE Br200 Firmware +42
NVD
EPSS 72% CVSS 7.1
HIGH This Week

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Path Traversal Prosafe Network Management System
NVD
EPSS 73% CVSS 8.3
HIGH This Week

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Path Traversal Prosafe Network Management System
NVD
EPSS 8% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear RCE File Upload +1
NVD
EPSS 65% CVSS 8.8
HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear RCE Command Injection +1
NVD
EPSS 74% CVSS 7.1
HIGH This Week

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Path Traversal Prosafe Network Management System
NVD
EPSS 1% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +36
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbw30 Firmware +12
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +12
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Certain NETGEAR devices are affected by password reset by an unauthenticated attacker. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbk852 Firmware +15
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware +4
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware +10
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbw30 Firmware +12
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware +4
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +12
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +12
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +13
NVD
EPSS 1% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware +4
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated critical severity (CVSS 9.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware +10
NVD
EPSS 1% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware +4
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Xr450 Firmware +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear R6700 Firmware +79
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbw30 Firmware +12
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbk852 Firmware +4
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rbr850 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear RCE Br200 Firmware +42
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Netgear RCE Command Injection +43
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Netgear RCE Authentication Bypass +43
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Netgear RCE Authentication Bypass +43
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware +13
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Certain NETGEAR devices are affected by stored XSS. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware +17
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware +13
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Certain NETGEAR devices are affected by Stored XSS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware +7
NVD
Prev Page 6 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy