Vulnerabilities > Netgear > R8500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-04-24 CVE-2018-21230 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by incorrect configuration of security settings.
low complexity
netgear
4.8
2020-04-24 CVE-2017-18704 Information Exposure vulnerability in Netgear products
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files.
low complexity
netgear CWE-200
3.3
2020-04-24 CVE-2017-18700 Cross-site Scripting vulnerability in Netgear products
Certain NETGEAR devices are affected by stored XSS.
network
netgear CWE-79
4.3
2020-04-24 CVE-2017-18710 Information Exposure vulnerability in Netgear R8300 Firmware and R8500 Firmware
Certain NETGEAR devices are affected by disclosure of sensitive information.
low complexity
netgear CWE-200
3.3
2020-04-24 CVE-2017-18709 Unspecified vulnerability in Netgear R8300 Firmware and R8500 Firmware
Certain NETGEAR devices are affected by incorrect configuration of security settings.
local
low complexity
netgear
4.6
2020-04-24 CVE-2017-18708 Cross-Site Request Forgery (CSRF) vulnerability in Netgear R8300 Firmware and R8500 Firmware
Certain NETGEAR devices are affected by CSRF.
network
netgear CWE-352
6.8
2020-04-24 CVE-2017-18707 Classic Buffer Overflow vulnerability in Netgear R8300 Firmware and R8500 Firmware
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
low complexity
netgear CWE-120
5.2
2020-04-23 CVE-2018-21162 OS Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-78
7.5
2020-04-23 CVE-2018-21139 Information Exposure vulnerability in Netgear products
Certain NETGEAR devices are affected by disclosure of sensitive information.
network
low complexity
netgear CWE-200
5.0
2020-04-23 CVE-2018-21134 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-787
7.5