Skip to main content

R6700 Firmware

53 CVEs product

Monthly

CVE-2023-33533 HIGH POC This Week

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection D6220 Firmware D8500 Firmware R6700 Firmware +1
NVD GitHub
CVSS 3.1
8.8
EPSS
3.1%
CVE-2023-30280 CRITICAL Act Now

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear R6900 Firmware R6700 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-45732 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-45077 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-23147 MEDIUM This Month

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2021-20175 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20174 HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20173 HIGH POC This Week

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2021-45656 HIGH PATCH This Week

Certain NETGEAR devices are affected by server-side injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Netgear Code Injection D6200 Firmware D7000 Firmware R6020 Firmware +24
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-45641 HIGH PATCH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Information Disclosure D3600 Firmware D6000 Firmware D6200 Firmware +46
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-45640 HIGH PATCH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Netgear Information Disclosure D3600 Firmware D6000 Firmware D6200 Firmware +48
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2021-45604 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption Cbr750 Firmware D6220 Firmware +36
NVD
CVSS 3.1
4.5
EPSS
0.4%
CVE-2021-45573 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption R6260 Firmware R6800 Firmware +6
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-45550 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection D3600 Firmware D6000 Firmware D6100 Firmware +25
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2021-45549 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Lax20 Firmware Mk62 Firmware Mr60 Firmware +24
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2021-45525 HIGH PATCH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Netgear Ex7000 Firmware R6400 Firmware R6400V2 Firmware +12
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-45512 CRITICAL Act Now

Certain NETGEAR devices are affected by weak cryptography. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D7000 Firmware D8500 Firmware Ex3700 Firmware +18
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2021-40847 HIGH POC THREAT This Week

The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear RCE R6400V2 Firmware R6700 Firmware R6700V3 Firmware +8
NVD
CVSS 3.1
8.1
EPSS
10.1%
CVE-2021-38539 HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation D8500 Firmware R6400 Firmware R6700 Firmware +9
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-38537 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +15
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2021-38536 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +16
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38535 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware D7000 Firmware R6020 Firmware +16
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38534 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware D6000 Firmware D6100 Firmware +40
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-38531 HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware R6020 Firmware +9
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2021-38525 HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption D3600 Firmware D6000 Firmware +24
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2021-38520 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware R6700 Firmware R6900 Firmware +1
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2021-38519 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6250 Firmware R6300 Firmware R6400 Firmware +11
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-38516 CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware D6400 Firmware D7000 Firmware +56
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-38515 HIGH This Week

Certain NETGEAR devices are affected by denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service R6400 Firmware R6700 Firmware R7900 Firmware +1
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-38514 LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware D6000 Firmware D6100 Firmware +71
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2021-27239 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE D6220 Firmware +34
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-29068 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear R6700 Firmware R6400 Firmware R7000 Firmware +77
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-35796 CRITICAL Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Cbr40 Firmware D6220 Firmware D6400 Firmware +66
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-35795 CRITICAL Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Ac2100 Firmware Ac2400 Firmware Ac2600 Firmware +74
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-35787 HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear D3600 Firmware D6000 Firmware D6200 Firmware +23
NVD
CVSS 3.1
8.0
EPSS
0.5%
CVE-2020-26927 CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Ac2100 Firmware Ac2400 Firmware Ac2600 Firmware +14
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2020-15636 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE R6700 Firmware
NVD
CVSS 3.1
9.8
EPSS
8.5%
CVE-2020-15635 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers with firmware 1.0.4.84_10.0.58. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2020-15634 MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.84_10.0.58. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
CVSS 3.1
6.3
EPSS
1.4%
CVE-2020-15417 MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE R6700 Firmware
NVD
CVSS 3.1
6.3
EPSS
1.3%
CVE-2020-15416 HIGH This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
6.4%
CVE-2020-10930 MEDIUM This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-10929 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-10928 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Heap Overflow RCE R6700 Firmware
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2020-10927 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-10926 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-10925 HIGH This Week

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-10924 HIGH POC THREAT This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
87.3%
CVE-2020-10923 HIGH POC THREAT This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
CVSS 3.1
8.8
EPSS
84.7%
CVE-2020-11789 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware R6700 Firmware R6900 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-11788 HIGH This Week

Certain NETGEAR devices are affected by authentication bypass. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D6200 Firmware D7000 Firmware Pr2000 Firmware +9
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-11770 HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection D6220 Firmware D6400 Firmware D8500 Firmware +23
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2019-17372 HIGH POC This Week

Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Ac1450 Firmware D8500 Firmware Dc112A Firmware +30
NVD GitHub
CVSS 3.1
8.1
EPSS
1.7%
EPSS 3% CVSS 8.8
HIGH POC This Week

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection D6220 Firmware +3
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Netgear +2
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure R6700 Firmware
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Netgear Command Injection R6700 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by server-side injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Netgear Code Injection D6200 Firmware +26
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Netgear Information Disclosure D3600 Firmware +48
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Netgear Information Disclosure D3600 Firmware +50
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption +38
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +8
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection D3600 Firmware +27
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Lax20 Firmware +26
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Netgear Ex7000 Firmware +14
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by weak cryptography. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D7000 Firmware +20
NVD
EPSS 10% CVSS 8.1
HIGH POC THREAT This Week

The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear RCE R6400V2 Firmware +10
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Privilege Escalation D8500 Firmware +11
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +17
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +18
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D6200 Firmware +18
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear XSS D3600 Firmware +42
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware +11
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption +26
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware +3
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection R6250 Firmware +13
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by lack of access control at the function level. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6220 Firmware +58
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Certain NETGEAR devices are affected by denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service R6400 Firmware +3
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Certain NETGEAR devices are affected by authentication bypass. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D3600 Firmware +73
NVD
EPSS 1% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +36
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Netgear R6700 Firmware +79
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Cbr40 Firmware +68
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Ac2100 Firmware +76
NVD
EPSS 0% CVSS 8.0
HIGH This Week

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear D3600 Firmware +25
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Ac2100 Firmware +16
NVD
EPSS 9% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +2
NVD
EPSS 3% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers with firmware 1.0.4.84_10.0.58. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +2
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.84_10.0.58. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +2
NVD
EPSS 6% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
EPSS 1% CVSS 8.4
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Heap Overflow +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
EPSS 87% CVSS 8.8
HIGH POC THREAT This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +1
NVD
EPSS 85% CVSS 8.8
HIGH POC THREAT This Week

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear RCE R6700 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection R6400 Firmware +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by authentication bypass. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass D6200 Firmware +11
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Command Injection D6220 Firmware +25
NVD
EPSS 2% CVSS 8.1
HIGH POC This Week

Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Netgear Authentication Bypass Ac1450 Firmware +32
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy