Vulnerabilities > Netgear > Ex6120 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-35518 | Command Injection vulnerability in Netgear Ex6120 Firmware Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter. | 6.8 |
| 2024-10-14 | CVE-2024-35519 | Command Injection vulnerability in Netgear Ex3700 Firmware, Ex6100 Firmware and Ex6120 Firmware Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter. | 6.8 |
| 2021-12-26 | CVE-2021-45533 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2021-12-26 | CVE-2021-45639 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by reflected XSS. | 6.1 |
| 2021-12-26 | CVE-2021-45665 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2021-12-26 | CVE-2021-45666 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2021-12-26 | CVE-2021-45667 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2021-12-26 | CVE-2021-45668 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2021-12-26 | CVE-2021-45670 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2020-04-24 | CVE-2018-21231 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. low complexity netgear | 5.4 |