Vulnerabilities > Netgear > Lax20 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-01 | CVE-2023-36187 | Classic Buffer Overflow vulnerability in Netgear products Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | 9.8 |
| 2023-03-29 | CVE-2022-27645 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. | 8.8 |
| 2021-12-26 | CVE-2021-45549 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |
| 2021-12-26 | CVE-2021-45604 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 2.7 |
| 2021-12-26 | CVE-2021-45612 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |
| 2021-12-26 | CVE-2021-45613 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |
| 2021-12-26 | CVE-2021-45614 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |
| 2021-12-26 | CVE-2021-45616 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |
| 2021-12-26 | CVE-2021-45620 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |
| 2021-12-26 | CVE-2021-45621 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |