Vulnerabilities > Netgear

DATE CVE VULNERABILITY TITLE RISK
2022-01-13 CVE-2021-34979 Classic Buffer Overflow vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-120
8.8
8.8
2022-01-13 CVE-2021-34980 Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-787
8.8
8.8
2021-12-30 CVE-2021-20166 Classic Buffer Overflow vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability.
low complexity
netgear CWE-120
8.8
8.8
2021-12-30 CVE-2021-20167 Command Injection vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability.
low complexity
netgear CWE-77
8.0
8.0
2021-12-30 CVE-2021-20168 Improper Authentication vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface.
low complexity
netgear CWE-287
6.8
6.8
2021-12-30 CVE-2021-20169 Cleartext Transmission of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface.
low complexity
netgear CWE-319
6.8
6.8
2021-12-30 CVE-2021-20170 Use of Hard-coded Credentials vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials.
network
low complexity
netgear CWE-798
8.8
8.8
2021-12-30 CVE-2021-20171 Cleartext Storage of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext.
local
low complexity
netgear CWE-312
5.5
5.5
2021-12-30 CVE-2021-20172 Incorrect Permission Assignment for Critical Resource vulnerability in Netgear Genie Installer
All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability.
local
low complexity
netgear CWE-732
7.8
7.8
2021-12-30 CVE-2021-20173 OS Command Injection vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device.
network
low complexity
netgear CWE-78
8.8
8.8