Vulnerabilities > Netgear > Lax20 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-09-01 CVE-2023-36187 Classic Buffer Overflow vulnerability in Netgear products
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.
network
low complexity
netgear CWE-120
critical
9.8
2023-03-29 CVE-2022-27642 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear
8.8
2023-03-29 CVE-2022-27647 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear
8.0
2023-03-29 CVE-2022-27645 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers.
low complexity
netgear
8.8
2021-12-26 CVE-2021-45549 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
6.8
2021-12-26 CVE-2021-45604 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.
low complexity
netgear CWE-787
4.5
2021-12-26 CVE-2021-45612 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
9.8
2021-12-26 CVE-2021-45613 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
9.8
2021-12-26 CVE-2021-45614 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
9.8
2021-12-26 CVE-2021-45616 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
9.8