Skip to main content

Rax43 Firmware

16 CVEs product

Monthly

CVE-2021-20171 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-20170 HIGH This Week

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-20169 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2021-20168 MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2021-20167 HIGH POC This Week

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rax43 Firmware
NVD
CVSS 3.1
8.0
EPSS
8.5%
CVE-2021-20166 HIGH This Week

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax43 Firmware
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2021-45622 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +37
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-45621 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +45
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45620 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +39
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45616 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr750 Firmware Lax20 Firmware Mk62 Firmware +29
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45614 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7000V2 Firmware Lax20 Firmware Mk62 Firmware +19
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45613 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware D7000V2 Firmware +23
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45612 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +36
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-45604 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption Cbr750 Firmware D6220 Firmware +36
NVD
CVSS 3.1
4.5
EPSS
0.4%
CVE-2021-45549 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Lax20 Firmware Mk62 Firmware Mr60 Firmware +24
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2021-34991 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE Ex3700 Firmware +43
NVD
CVSS 3.1
8.8
EPSS
5.7%
EPSS 0% CVSS 5.5
MEDIUM This Month

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rax43 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Rax43 Firmware
NVD
EPSS 9% CVSS 8.0
HIGH POC This Week

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rax43 Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Rax43 Firmware
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +39
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +47
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +41
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr750 Firmware +31
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7000V2 Firmware +21
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +25
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +38
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption +38
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Lax20 Firmware +26
NVD
EPSS 6% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow +45
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy