Vulnerabilities > Netgear > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-04-23 CVE-2018-21131 Unspecified vulnerability in Netgear Wac505 Firmware and Wac510 Firmware
Certain NETGEAR devices are affected by unauthenticated firmware downgrade.
network
low complexity
netgear
critical
 9.1
9.1
2020-04-16 CVE-2019-20730 SQL Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by SQL injection.
network
low complexity
netgear CWE-89
critical
 9.8
9.8
2020-04-16 CVE-2019-20699 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-120
critical
 9.8
9.8
2020-04-15 CVE-2019-20679 Unspecified vulnerability in Netgear Mr1100 Firmware 12.05.05.00/12.06.03
NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level.
network
low complexity
netgear
critical
 9.8
9.8
2020-04-15 CVE-2020-11790 Unspecified vulnerability in Netgear R7800 Firmware
NETGEAR R7800 devices before 1.0.2.68 are affected by remote code execution by unauthenticated attackers.
network
low complexity
netgear
critical
 9.8
9.8
2020-04-15 CVE-2020-11789 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2020-04-15 CVE-2019-20646 Information Exposure vulnerability in Netgear Rax40 Firmware 1.0.3.62
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.
network
low complexity
netgear CWE-200
critical
 9.8
9.8
2020-04-01 CVE-2018-11106 Command Injection vulnerability in Netgear products
NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2020-03-13 CVE-2019-13394 Insufficiently Protected Credentials vulnerability in Netgear Cg3700B Firmware 2.02.03
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP.
network
low complexity
netgear CWE-522
critical
 9.8
9.8
2020-03-02 CVE-2019-20489 Improper Authentication vulnerability in Netgear Wnr1000 Firmware 1.1.0.54
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices.
network
low complexity
netgear CWE-287
critical
 9.8
9.8