Vulnerabilities > Netgear > Mr60 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-09-01 CVE-2023-36187 Classic Buffer Overflow vulnerability in Netgear products
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.
network
low complexity
netgear CWE-120
critical
9.8
2023-03-29 CVE-2022-27642 Incorrect Authorization vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-863
8.8
2023-03-29 CVE-2022-27647 OS Command Injection vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-78
8.0
2023-02-13 CVE-2022-48322 Out-of-bounds Write vulnerability in Netgear products
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability.
network
low complexity
netgear CWE-787
critical
9.8
2023-01-31 CVE-2022-48176 Out-of-bounds Write vulnerability in Netgear products
Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow.
local
low complexity
netgear CWE-787
7.8
2021-12-26 CVE-2021-45539 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
6.8
2021-12-26 CVE-2021-45540 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
8.4
2021-12-26 CVE-2021-45541 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
network
low complexity
netgear CWE-77
8.8
2021-12-26 CVE-2021-45549 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
6.8
2021-12-26 CVE-2021-45604 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.
low complexity
netgear CWE-787
4.5