Vulnerabilities > Netgear

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-15	CVE-2020-11769	Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. network low complexity netgear CWE-79	4.8
2020-04-15	CVE-2020-11768	Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by Stored XSS. network low complexity netgear CWE-79	4.8
2020-04-15	CVE-2019-20767	Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. network low complexity netgear CWE-787	7.2
2020-04-01	CVE-2018-11106	Command Injection vulnerability in Netgear products NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5. network low complexity netgear CWE-77 critical	9.8
2020-03-23	CVE-2016-11022	OS Command Injection vulnerability in Netgear products NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php. network low complexity netgear CWE-78	7.2
2020-03-23	CVE-2019-19964	Unspecified vulnerability in Netgear Gs728Tps Firmware On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having network connectivity to the web-administration panel can access part of the web panel, bypassing authentication. network low complexity netgear	2.7
2020-03-13	CVE-2019-13395	Cross-Site Request Forgery (CSRF) vulnerability in Netgear Cg3700B Firmware 2.02.03 The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. network low complexity netgear CWE-352	8.8
2020-03-13	CVE-2019-13394	Insufficiently Protected Credentials vulnerability in Netgear Cg3700B Firmware 2.02.03 The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP. network low complexity netgear CWE-522 critical	9.8
2020-03-13	CVE-2019-13393	Insecure Default Initialization of Resource vulnerability in Netgear Cg3700B Firmware 2.02.03 The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. network low complexity netgear CWE-1188	7.5
2020-03-02	CVE-2019-20489	Improper Authentication vulnerability in Netgear Wnr1000 Firmware 1.1.0.54 An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. network low complexity netgear CWE-287 critical	9.8

Vulnerabilities > Netgear {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Netgear"}]}

Vulnerabilities > Netgear