Vulnerabilities > Netgear > Rax35 Firmware > 1.0.3.80
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-29 | CVE-2022-27645 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. | 8.8 |
| 2021-12-26 | CVE-2021-45493 | Information Exposure vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware Certain NETGEAR devices are affected by disclosure of administrative credentials. | 5.0 |
| 2021-12-26 | CVE-2021-45549 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |
| 2021-12-26 | CVE-2021-45604 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 2.7 |
| 2021-12-09 | CVE-2021-41449 | Path Traversal vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet. | 3.6 |