Vulnerabilities > Netgear

DATE CVE VULNERABILITY TITLE RISK
2020-02-13 CVE-2014-3919 Cross-site Scripting vulnerability in Netgear Cg3100 Firmware
A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspecified page, which could let a malicious user obtain sensitive information.
network
low complexity
netgear CWE-79
critical
9.3
2020-02-10 CVE-2019-17137 Unspecified vulnerability in Netgear Ac1200 R6220 Firmware 1.1.0.86
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router.
network
low complexity
netgear
critical
9.4
2020-02-06 CVE-2012-6341 Information Exposure vulnerability in Netgear Wgr614V7 Firmware and Wgr614V9 Firmware
An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext.
network
low complexity
netgear CWE-200
6.5
2020-02-06 CVE-2012-6340 Improper Authentication vulnerability in Netgear Wgr614V7 Firmware and Wgr614V9 Firmware
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.
low complexity
netgear CWE-287
4.6
2020-01-29 CVE-2013-3317 Improper Authentication vulnerability in Netgear Wnr1000 Firmware
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.
network
low complexity
netgear CWE-287
critical
9.8
2020-01-29 CVE-2013-3316 Improper Authentication vulnerability in Netgear Wnr1000 Firmware
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".
network
low complexity
netgear CWE-287
critical
9.8
2020-01-28 CVE-2013-3074 Resource Exhaustion vulnerability in Netgear Wndr4700 Firmware 1.0.0.34
NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash).
network
low complexity
netgear CWE-400
7.5
2020-01-28 CVE-2013-3071 Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34
NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass.
network
low complexity
netgear CWE-287
critical
9.8
2020-01-09 CVE-2019-19494 Classic Buffer Overflow vulnerability in multiple products
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser.
network
low complexity
sagemcom netgear technicolor compal CWE-120
8.8
2019-11-14 CVE-2013-3072 Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.
network
low complexity
netgear CWE-287
critical
9.8