Vulnerabilities > Netgear > R8000 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2017-18777 | Insufficiently Protected Credentials vulnerability in Netgear products Certain NETGEAR devices are affected by administrative password disclosure. | 7.8 |
| 2020-04-22 | CVE-2017-18772 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 8.8 |
| 2020-04-21 | CVE-2017-18799 | Improper Input Validation vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. | 7.5 |
| 2020-04-21 | CVE-2017-18794 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection. | 8.4 |
| 2020-04-20 | CVE-2017-18849 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection. | 7.8 |
| 2020-04-20 | CVE-2017-18850 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 8.4 |
| 2020-04-16 | CVE-2019-20753 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. | 8.8 |
| 2020-04-15 | CVE-2019-20680 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 8.0 |
| 2020-04-15 | CVE-2020-11770 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 8.8 |
| 2019-10-09 | CVE-2019-17372 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. | 8.1 |