Vulnerabilities > Netgear

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-14	CVE-2013-3073	Path Traversal vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34. network low complexity netgear CWE-22 critical	9.8
2019-11-13	CVE-2013-3516	Cross-Site Request Forgery (CSRF) vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens. network low complexity netgear CWE-352	6.5
2019-11-13	CVE-2013-3517	Cross-site Scripting vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. network low complexity netgear CWE-79	5.4
2019-11-13	CVE-2013-4657	Path Traversal vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service. network low complexity netgear CWE-22 critical	9.8
2019-10-16	CVE-2016-11016	Cross-site Scripting vulnerability in Netgear Jnr1010 Firmware NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS. network low complexity netgear CWE-79	6.1
2019-10-16	CVE-2016-11015	Cross-Site Request Forgery (CSRF) vulnerability in Netgear Jnr1010 Firmware NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter. network low complexity netgear CWE-352	6.5
2019-10-16	CVE-2016-11014	Insufficient Session Expiration vulnerability in Netgear Jnr1010 Firmware NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case. network low complexity netgear CWE-613 critical	9.8
2019-10-09	CVE-2019-17373	Unspecified vulnerability in Netgear products Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. network low complexity netgear critical	9.8
2019-10-09	CVE-2019-17372	Improper Authentication vulnerability in Netgear products Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. network high complexity netgear CWE-287	8.1
2019-09-30	CVE-2019-17049	SQL Injection vulnerability in Netgear Srx5308 Firmware 4.3.53 NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account. network low complexity netgear CWE-89	7.5

Vulnerabilities > Netgear {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Netgear"}]}

Vulnerabilities > Netgear