Vulnerabilities > Netgear > R7000P Firmware > 1.3.2.134

DATE CVE VULNERABILITY TITLE RISK
2021-12-26 CVE-2021-45616 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45620 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45621 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45622 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45625 Command Injection vulnerability in Netgear R6900P Firmware, R7000P Firmware and Xr300 Firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45647 Information Exposure vulnerability in Netgear products
Certain NETGEAR devices are affected by disclosure of sensitive information.
network
low complexity
netgear CWE-200
7.5
7.5
2021-12-26 CVE-2021-45673 Cross-site Scripting vulnerability in Netgear products
Certain NETGEAR devices are affected by stored XSS.
network
low complexity
netgear CWE-79
5.4
5.4
2021-12-26 CVE-2021-45679 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by privilege escalation.
network
low complexity
netgear
7.2
7.2
2021-11-15 CVE-2021-34991 Out-of-bounds Write vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers.
low complexity
netgear CWE-787
8.8
8.8
2021-09-21 CVE-2021-40847 Cleartext Transmission of Sensitive Information vulnerability in Netgear products
The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack.
network
high complexity
netgear CWE-319
8.1
8.1