Vulnerabilities > Netgear
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-31 | CVE-2016-5675 | Improper Input Validation vulnerability in multiple products handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the NTPServer parameter. | 9.8 |
| 2016-08-31 | CVE-2016-5674 | Improper Input Validation vulnerability in multiple products __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. | 9.8 |
| 2016-06-20 | CVE-2015-8289 | Information Exposure vulnerability in Netgear D3600 Firmware and D6000 Firmware The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | 7.5 |
| 2016-06-20 | CVE-2015-8288 | Unspecified vulnerability in Netgear D3600 Firmware and D6000 Firmware NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | 5.9 |
| 2016-04-06 | CVE-2016-1346 | Resource Management Errors vulnerability in multiple products The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. | 5.9 |
| 2016-04-06 | CVE-2015-6312 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. | 7.5 |
| 2016-03-26 | CVE-2016-1349 | Resource Management Errors vulnerability in multiple products The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. | 7.5 |
| 2016-03-26 | CVE-2016-1348 | Resource Management Errors vulnerability in multiple products Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. | 7.5 |
| 2016-03-26 | CVE-2016-1344 | Resource Management Errors vulnerability in multiple products The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. | 5.9 |
| 2016-03-03 | CVE-2015-0718 | Resource Management Errors vulnerability in multiple products Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579. | 7.5 |