Vulnerabilities > Netgear
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-30 | CVE-2020-35777 | Command Injection vulnerability in Netgear Dgn2200V1 Firmware NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command injection. | 8.4 |
| 2020-11-24 | CVE-2020-5641 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs108Ev3 Firmware 2.06.10 Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors. | 6.5 |
| 2020-11-09 | CVE-2020-28373 | Out-of-bounds Write vulnerability in Netgear products upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. | 8.8 |
| 2020-11-02 | CVE-2020-28041 | Incorrect Default Permissions vulnerability in Netgear Nighthawk R7000 Firmware 1.0.9.6410.2.64 The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. | 6.5 |
| 2020-10-13 | CVE-2020-17409 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66. | 6.5 |
| 2020-10-09 | CVE-2020-26897 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of administrative credentials. low complexity netgear | 8.8 |
| 2020-10-09 | CVE-2020-26931 | Unspecified vulnerability in Netgear Wc7500 Firmware, Wc7600 Firmware and Wc9500 Firmware Certain NETGEAR devices are affected by disclosure of sensitive information. low complexity netgear | 6.5 |
| 2020-10-09 | CVE-2020-26930 | Insecure Default Initialization of Resource vulnerability in Netgear Ex7700 Firmware NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect configuration of security settings. | 3.8 |
| 2020-10-09 | CVE-2020-26929 | Command Injection vulnerability in Netgear R6220 Firmware and R6230 Firmware Certain NETGEAR devices are affected by command injection by an authenticated user. | 8.0 |
| 2020-10-09 | CVE-2020-26928 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 9.6 |