Vulnerabilities > Netgear > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-30 | CVE-2025-4116 | Classic Buffer Overflow vulnerability in Netgear Jwnr2000 Firmware 1.0.0.11 A vulnerability, which was classified as critical, has been found in Netgear JWNR2000v2 1.0.0.11. | 9.8 |
| 2025-04-30 | CVE-2025-4117 | Classic Buffer Overflow vulnerability in Netgear Jwnr2000 Firmware 1.0.0.11 A vulnerability, which was classified as critical, was found in Netgear JWNR2000v2 1.0.0.11. | 9.8 |
| 2025-04-30 | CVE-2025-4114 | Classic Buffer Overflow vulnerability in Netgear Jwnr2000 Firmware 1.0.0.11 A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. | 9.8 |
| 2024-05-03 | CVE-2023-50231 | Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability. | 9.6 |
| 2024-05-03 | CVE-2023-38096 | Unspecified vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability. | 9.8 |
| 2023-12-15 | CVE-2023-50089 | Command Injection vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. | 9.8 |
| 2023-12-08 | CVE-2023-49007 | Out-of-bounds Write vulnerability in Netgear Rbr750 Firmware In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. | 9.8 |
| 2023-11-29 | CVE-2023-49693 | Missing Authentication for Critical Function vulnerability in Netgear Prosafe Network Management System NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port 11611 and it is remotely accessible by unauthenticated users, allowing attackers to execute arbitrary code. | 9.8 |
| 2023-09-01 | CVE-2023-36187 | Classic Buffer Overflow vulnerability in Netgear products Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd. | 9.8 |
| 2023-08-07 | CVE-2023-38928 | Command Injection vulnerability in Netgear R7100Lg Firmware 1.0.0.78 Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. | 9.8 |