Vulnerabilities > Netgear > Rax43 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-29 | CVE-2022-27642 | Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.8 |
| 2023-03-29 | CVE-2022-27647 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. | 8.0 |
| 2023-03-29 | CVE-2022-27645 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. | 8.8 |
| 2021-12-30 | CVE-2021-20166 | Classic Buffer Overflow vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. | 8.8 |
| 2021-12-30 | CVE-2021-20167 | Command Injection vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. | 8.0 |
| 2021-12-30 | CVE-2021-20168 | Improper Authentication vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. | 6.8 |
| 2021-12-30 | CVE-2021-20169 | Cleartext Transmission of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. | 6.8 |
| 2021-12-30 | CVE-2021-20170 | Use of Hard-coded Credentials vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. | 8.8 |
| 2021-12-30 | CVE-2021-20171 | Cleartext Storage of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. | 5.5 |
| 2021-12-26 | CVE-2021-45549 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |