Vulnerabilities > Netgear > Dgn2200 Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-11 | CVE-2021-38516 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by lack of access control at the function level. | 9.8 |
| 2019-10-09 | CVE-2019-17373 | Unspecified vulnerability in Netgear products Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. | 9.8 |
| 2018-07-24 | CVE-2016-5649 | Information Exposure vulnerability in Netgear Dgn2200 Firmware and Dgnd3700 Firmware A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. | 9.8 |
| 2017-02-22 | CVE-2017-6077 | OS Command Injection vulnerability in Netgear Dgn2200 Firmware ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request. | 9.8 |