Vulnerabilities > Netgear > Rax38 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-29 | CVE-2022-27642 | Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.8 |
| 2023-03-29 | CVE-2022-27647 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.0 |
| 2023-03-29 | CVE-2022-27645 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. | 8.8 |
| 2021-12-26 | CVE-2021-45493 | Information Exposure vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware Certain NETGEAR devices are affected by disclosure of administrative credentials. | 7.5 |
| 2021-12-09 | CVE-2021-41449 | Path Traversal vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet. | 7.1 |
| 2021-08-11 | CVE-2021-38526 | Classic Buffer Overflow vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. | 7.5 |