R6900 Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-21	CVE-2021-40847	Cleartext Transmission of Sensitive Information vulnerability in Netgear products The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. network high complexity netgear CWE-319	8.1
2021-08-11	CVE-2021-38531	Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. network low complexity netgear	7.2
2021-08-11	CVE-2021-38534	Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. network low complexity netgear CWE-79	4.8
2021-08-11	CVE-2021-38535	Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. network low complexity netgear CWE-79	4.8
2021-08-11	CVE-2021-38536	Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. network low complexity netgear CWE-79	4.8
2021-08-11	CVE-2021-38537	Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. network low complexity netgear CWE-79	4.8
2021-08-11	CVE-2021-38539	Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by privilege escalation. network low complexity netgear	8.8
2021-08-11	CVE-2021-38525	Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. network low complexity netgear CWE-787	7.2
2021-08-11	CVE-2021-38514	Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. network low complexity netgear	2.7
2021-08-11	CVE-2021-38516	Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by lack of access control at the function level. network low complexity netgear critical	9.8