Vulnerabilities > Netgear > D3600 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-16 | CVE-2019-20682 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. | 8.8 |
2020-04-15 | CVE-2019-20640 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. | 8.8 |
2020-04-15 | CVE-2019-20767 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 7.2 |
2016-06-20 | CVE-2015-8289 | Information Exposure vulnerability in Netgear D3600 Firmware and D6000 Firmware The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | 7.5 |
2016-06-20 | CVE-2015-8288 | Unspecified vulnerability in Netgear D3600 Firmware and D6000 Firmware NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | 5.9 |