Vulnerabilities > Netgear

DATE CVE VULNERABILITY TITLE RISK
2021-12-30 CVE-2021-20166 Classic Buffer Overflow vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability.
low complexity
netgear CWE-120
8.8
8.8
2021-12-30 CVE-2021-20167 Command Injection vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability.
low complexity
netgear CWE-77
8.0
8.0
2021-12-30 CVE-2021-20168 Improper Authentication vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface.
low complexity
netgear CWE-287
6.8
6.8
2021-12-30 CVE-2021-20169 Cleartext Transmission of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface.
low complexity
netgear CWE-319
6.8
6.8
2021-12-30 CVE-2021-20170 Use of Hard-coded Credentials vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials.
network
low complexity
netgear CWE-798
8.8
8.8
2021-12-30 CVE-2021-20171 Cleartext Storage of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext.
local
low complexity
netgear CWE-312
5.5
5.5
2021-12-30 CVE-2021-20172 Incorrect Permission Assignment for Critical Resource vulnerability in Netgear Genie Installer
All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability.
local
low complexity
netgear CWE-732
7.8
7.8
2021-12-30 CVE-2021-20173 OS Command Injection vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device.
network
low complexity
netgear CWE-78
8.8
8.8
2021-12-30 CVE-2021-20174 Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface.
network
low complexity
netgear CWE-319
7.5
7.5
2021-12-30 CVE-2021-20175 Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface.
network
low complexity
netgear CWE-319
7.5
7.5