Vulnerabilities > Netgear > Ex6400 Firmware > 1.0.1.72
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-05 | CVE-2021-27256 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.3 |
| 2021-03-05 | CVE-2021-27255 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.3 |
| 2021-03-05 | CVE-2021-27254 | Use of Hard-coded Credentials vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. | 8.3 |
| 2020-12-30 | CVE-2020-35800 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. | 9.7 |
| 2020-12-30 | CVE-2020-35799 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. | 7.5 |
| 2020-04-27 | CVE-2018-21167 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 3.5 |
| 2020-04-27 | CVE-2018-21153 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. | 7.5 |
| 2020-04-24 | CVE-2018-21231 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. low complexity netgear | 4.8 |
| 2020-04-24 | CVE-2018-21230 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. low complexity netgear | 4.8 |
| 2020-04-22 | CVE-2018-21114 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |