Vulnerabilities > Netgear

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2022-24655 Out-of-bounds Write vulnerability in Netgear products
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
local
low complexity
netgear CWE-787
7.8
2022-03-17 CVE-2021-44261 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
5.3
2022-03-17 CVE-2021-44262 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
7.5
2022-03-04 CVE-2021-46382 Cross-site Scripting vulnerability in Netgear Wac120 AC Firmware
Unauthenticated cross-site scripting (XSS) in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking.
network
low complexity
netgear CWE-79
6.1
2022-01-25 CVE-2021-34865 Incorrect Comparison vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers.
low complexity
netgear CWE-697
8.8
2022-01-25 CVE-2021-34870 Unspecified vulnerability in Netgear Xr1000 1.0.0.521.0.38
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers.
low complexity
netgear
6.5
2022-01-13 CVE-2021-34977 Improper Authentication vulnerability in Netgear R7000 Firmware 1.0.11.11610.2.100
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers.
low complexity
netgear CWE-287
8.8
2022-01-13 CVE-2021-34978 Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-787
8.8
2022-01-13 CVE-2021-34979 Classic Buffer Overflow vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-120
8.8
2022-01-13 CVE-2021-34980 Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-787
8.8