Vulnerabilities > Netgear > Ac2400 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-01-25 CVE-2021-34865 Incorrect Comparison vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers.
low complexity
netgear CWE-697
8.8
2021-12-26 CVE-2021-45501 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by authentication bypass.
network
low complexity
netgear
critical
9.8
2021-12-26 CVE-2021-45511 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by authentication bypass.
network
low complexity
netgear
critical
9.8
2021-12-26 CVE-2021-45534 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
local
low complexity
netgear CWE-77
7.8
2021-12-26 CVE-2021-45551 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
network
low complexity
netgear CWE-77
8.8
2021-12-26 CVE-2021-45573 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-787
8.8
2021-12-26 CVE-2021-45637 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-787
critical
9.8
2021-12-26 CVE-2021-45644 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by incorrect configuration of security settings.
network
low complexity
netgear
critical
9.8
2021-12-26 CVE-2021-45647 Information Exposure vulnerability in Netgear products
Certain NETGEAR devices are affected by disclosure of sensitive information.
network
low complexity
netgear CWE-200
7.5
2021-12-26 CVE-2021-45656 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by server-side injection.
local
low complexity
netgear CWE-74
7.8