Vulnerabilities > Netgear > R8500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-29 CVE-2022-27642 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear
8.8
2023-03-29 CVE-2022-27643 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear
8.8
2023-03-29 CVE-2022-27647 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear
8.0
2023-03-29 CVE-2022-27645 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers.
low complexity
netgear
8.8
2022-03-26 CVE-2022-27945 OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi.
network
low complexity
netgear CWE-78
8.8
2022-03-26 CVE-2022-27946 OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to admin_account.cgi.
network
low complexity
netgear CWE-78
8.8
2022-03-26 CVE-2022-27947 OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameter.
network
low complexity
netgear CWE-78
8.8
2021-12-26 CVE-2021-45512 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netgear products
Certain NETGEAR devices are affected by weak cryptography.
network
low complexity
netgear CWE-327
critical
9.8
2021-12-26 CVE-2021-45527 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
network
low complexity
netgear CWE-120
critical
9.8
2021-12-26 CVE-2021-45550 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
low complexity
netgear CWE-77
6.8