Skip to main content

R6020 Firmware

27 CVEs product

Monthly

CVE-2021-45672 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by Stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +17
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-45657 HIGH PATCH This Week

Certain NETGEAR devices are affected by server-side injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Netgear Code Injection D6200 Firmware D7000 Firmware R6020 Firmware +25
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-45656 HIGH PATCH This Week

Certain NETGEAR devices are affected by server-side injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Netgear Code Injection D6200 Firmware D7000 Firmware R6020 Firmware +24
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-45551 HIGH PATCH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Command Injection D6200 Firmware D7000 Firmware R6020 Firmware +15
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-45501 CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Ac2400 Firmware Ac2600 Firmware D7000 Firmware +16
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-41383 HIGH POC This Week

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6020 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2021-38537 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +15
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-38536 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +16
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38535 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +16
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38534 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware D6000 Firmware D6100 Firmware +40
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38531 HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware R6020 Firmware +9
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2021-38525 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption D3600 Firmware D6000 Firmware +24
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-38516 CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware D6400 Firmware D7000 Firmware +56
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-38514 LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware D6000 Firmware D6100 Firmware +71
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2020-35842 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware D7000 Firmware Jnr1010V2 Firmware +11
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-35841 HIGH This Week

Certain NETGEAR devices are affected by stored XSS. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware D7000 Firmware Jnr1010V2 Firmware +15
NVD
CVSS 3.1
7.6
EPSS
0.6%
CVE-2020-35840 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware D7000 Firmware Jnr1010V2 Firmware +11
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-35803 MEDIUM This Month

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware R6020 Firmware +12
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-35799 CRITICAL Act Now

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption D3600 Firmware D6000 Firmware +44
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-35787 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear D3600 Firmware D6000 Firmware D6200 Firmware +23
NVD
CVSS 3.1
8.0
EPSS
0.5%
CVE-2020-17409 MEDIUM PATCH This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear Information Disclosure R6020 Firmware R6080 Firmware R6120 Firmware +8
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-26927 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Ac2100 Firmware Ac2400 Firmware Ac2600 Firmware +14
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2020-26916 MEDIUM This Month

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware Jr6150 Firmware +11
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2020-26914 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.1). No vendor patch available.

Netgear Command Injection D6200 Firmware D7000 Firmware Jr6150 Firmware +11
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2020-26912 HIGH This Week

Certain NETGEAR devices are affected by CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear CSRF D6200 Firmware D7000 Firmware Jr6150 Firmware +11
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-26911 HIGH This Week

Certain NETGEAR devices are affected by lack of access control at the function level. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware Jr6150 Firmware +11
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-26908 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D6200 Firmware D7000 Firmware Pr2000 Firmware +12
NVD
CVSS 3.1
9.8
EPSS
2.1%
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by Stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Netgear XSS D6200 Firmware +19
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by server-side injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Netgear Code Injection D6200 Firmware +27
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by server-side injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Netgear Code Injection D6200 Firmware +26
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Command Injection D6200 Firmware +17
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Netgear Authentication Bypass Ac2400 Firmware +18
NVD
EPSS 2% CVSS 7.2
HIGH POC This Week

setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in the ntp_server field. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6020 Firmware
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +17
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +18
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +18
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware +42
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware +11
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +26
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware +58
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware +73
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware +13
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Certain NETGEAR devices are affected by stored XSS. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware +17
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D6200 Firmware +13
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware +14
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +46
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear D3600 Firmware +25
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear Information Disclosure R6020 Firmware +10
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Ac2100 Firmware +16
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware +13
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.1). No vendor patch available.

Netgear Command Injection D6200 Firmware +13
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear CSRF D6200 Firmware +13
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by lack of access control at the function level. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware +13
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D6200 Firmware +14
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy