Vulnerabilities > Netgear > Jnr1010 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2017-18788 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.7 |
| 2020-04-16 | CVE-2019-20738 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 5.4 |
| 2019-10-16 | CVE-2016-11016 | Cross-site Scripting vulnerability in Netgear Jnr1010 Firmware NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS. | 6.1 |
| 2019-10-16 | CVE-2016-11015 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Jnr1010 Firmware NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter. | 6.5 |