Vulnerabilities > Netgear > Ms60 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-01 | CVE-2023-36187 | Classic Buffer Overflow vulnerability in Netgear products Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | 9.8 |
| 2023-02-13 | CVE-2022-48322 | Out-of-bounds Write vulnerability in Netgear products NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. | 9.8 |
| 2023-01-31 | CVE-2022-48176 | Out-of-bounds Write vulnerability in Netgear products Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow. | 7.8 |
| 2021-12-26 | CVE-2021-45539 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |
| 2021-12-26 | CVE-2021-45540 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |
| 2021-12-26 | CVE-2021-45541 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.5 |
| 2021-12-26 | CVE-2021-45549 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |
| 2021-12-26 | CVE-2021-45604 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 2.7 |
| 2021-12-26 | CVE-2021-45612 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |
| 2021-12-26 | CVE-2021-45613 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 10.0 |