Vulnerabilities > Netgear > Cax80 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-29 CVE-2022-27642 Incorrect Authorization vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-863
8.8
2023-03-29 CVE-2022-27647 OS Command Injection vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-78
8.0
2022-03-18 CVE-2022-24655 Out-of-bounds Write vulnerability in Netgear products
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
local
low complexity
netgear CWE-787
7.8
2021-11-15 CVE-2021-34991 Out-of-bounds Write vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers.
low complexity
netgear CWE-787
8.8