Vulnerabilities > Netgear > D3600 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-04-16 CVE-2019-20682 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-787
8.8
2020-04-15 CVE-2019-20640 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-787
8.8
2020-04-15 CVE-2019-20767 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.
network
low complexity
netgear CWE-787
7.2
2016-06-20 CVE-2015-8289 Information Exposure vulnerability in Netgear D3600 Firmware and D6000 Firmware
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
network
low complexity
netgear CWE-200
7.5
2016-06-20 CVE-2015-8288 Unspecified vulnerability in Netgear D3600 Firmware and D6000 Firmware
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
network
high complexity
netgear
5.9