Vulnerabilities > Netgear
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-11 | CVE-2019-5055 | NULL Pointer Dereference vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. | 7.5 |
| 2019-09-11 | CVE-2019-5054 | NULL Pointer Dereference vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. | 7.5 |
| 2019-08-14 | CVE-2019-14527 | OS Command Injection vulnerability in Netgear Mr1100 Firmware 12.05.05.00 An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. | 9.8 |
| 2019-08-14 | CVE-2019-14526 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Mr1100 Firmware 12.05.05.00 An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. | 8.1 |
| 2019-08-08 | CVE-2016-10864 | Cross-site Scripting vulnerability in Netgear Ex7000 Firmware NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID. | 5.2 |
| 2019-07-28 | CVE-2019-14363 | Out-of-bounds Write vulnerability in Netgear Wndr3400V3 Firmware 1.0.1.18/1.0.1.22/1.0.1.24 A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP SSDP packet. | 9.8 |
| 2019-06-17 | CVE-2019-5017 | Information Exposure vulnerability in multiple products An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. | 5.3 |
| 2019-06-17 | CVE-2019-5016 | Information Exposure vulnerability in multiple products An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. | 9.1 |
| 2019-06-11 | CVE-2017-18378 | Command Injection vulnerability in Netgear Readynas Surveillance Firmware In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmp_upload_dir, leading to upgrade_handle.php?cmd=writeuploaddir remote command execution. | 9.8 |
| 2019-06-03 | CVE-2019-12591 | Command Injection vulnerability in Netgear Insight NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote authenticated users to achieve command injection. | 7.6 |