Skip to main content

Xr1000 Firmware

19 CVEs product

Monthly

CVE-2024-35517 HIGH This Week

Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Netgear Xr1000 Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
14.1%
CVE-2021-45654 HIGH PATCH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Netgear Information Disclosure Xr1000 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-45643 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear Information Disclosure R6400V2 Firmware R6700V3 Firmware Xr1000 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-45622 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +37
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-45621 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +45
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45620 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +39
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45616 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr750 Firmware Lax20 Firmware Mk62 Firmware +29
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45614 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7000V2 Firmware Lax20 Firmware Mk62 Firmware +19
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45613 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware D7000V2 Firmware +23
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-45612 CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Cbr750 Firmware Eax20 Firmware +36
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-45604 MEDIUM PATCH This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption Cbr750 Firmware D6220 Firmware +36
NVD
CVSS 3.1
4.5
EPSS
0.4%
CVE-2021-45549 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Lax20 Firmware Mk62 Firmware Mr60 Firmware +24
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2021-45522 HIGH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Xr1000 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-45519 MEDIUM This Month

NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Xr1000 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-45518 MEDIUM This Month

NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Xr1000 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-45517 MEDIUM This Month

NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Xr1000 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-45514 HIGH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Xr1000 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-45513 CRITICAL Act Now

NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Xr1000 Firmware
NVD
CVSS 3.1
9.6
EPSS
0.8%
CVE-2021-45510 HIGH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Xr1000 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
EPSS 14% CVSS 7.2
HIGH This Week

Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Netgear Xr1000 Firmware
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Netgear Information Disclosure Xr1000 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear Information Disclosure R6400V2 Firmware +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +39
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +47
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +41
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr750 Firmware +31
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection D7000V2 Firmware +21
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +25
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware +38
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 4.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Netgear Memory Corruption +38
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Lax20 Firmware +26
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Xr1000 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Xr1000 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Xr1000 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Denial Of Service Xr1000 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Xr1000 Firmware
NVD
EPSS 1% CVSS 9.6
CRITICAL Act Now

NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Command Injection Xr1000 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass Xr1000 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy