Vulnerabilities > Netgear > Cbr40 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-26 | CVE-2021-45639 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by reflected XSS. | 4.3 |
| 2021-12-26 | CVE-2021-45666 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 3.5 |
| 2021-12-26 | CVE-2021-45667 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 3.5 |
| 2021-12-26 | CVE-2021-45670 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 3.5 |
| 2021-12-26 | CVE-2021-45671 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 3.5 |
| 2021-08-11 | CVE-2021-38513 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 10.0 |
| 2021-03-23 | CVE-2021-29080 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Netgear products Certain NETGEAR devices are affected by password reset by an unauthenticated attacker. | 4.8 |
| 2021-03-23 | CVE-2021-29068 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. | 6.5 |
| 2021-02-12 | CVE-2020-27861 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. | 8.3 |
| 2020-12-30 | CVE-2020-35802 | Information Exposure vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. | 5.0 |