Vulnerabilities > Netgear > R7000P Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-21 CVE-2017-18799 Improper Input Validation vulnerability in Netgear products
Certain NETGEAR devices are affected by incorrect configuration of security settings.
network
low complexity
netgear CWE-20
7.5
2020-04-20 CVE-2017-18849 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection.
local
low complexity
netgear CWE-74
7.8
2020-04-20 CVE-2017-18850 Improper Authentication vulnerability in Netgear products
Certain NETGEAR devices are affected by authentication bypass.
local
low complexity
netgear CWE-287
8.4
2020-04-16 CVE-2019-20753 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-787
8.8
2020-04-16 CVE-2019-20734 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-120
8.8
2020-04-15 CVE-2019-20680 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
8.0
2020-04-15 CVE-2020-11770 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
network
low complexity
netgear CWE-77
8.8
2019-10-09 CVE-2019-17372 Improper Authentication vulnerability in Netgear products
Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi.
network
high complexity
netgear CWE-287
8.1