Vulnerabilities > Netgear > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-30 | CVE-2020-35796 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. | 10.0 |
| 2020-10-09 | CVE-2020-26908 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 10.0 |
| 2020-08-20 | CVE-2020-15636 | Stack-based Buffer Overflow vulnerability in Netgear R6700 Firmware This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.84_10.0.58. | 10.0 |
| 2020-04-28 | CVE-2017-18858 | OS Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command execution. | 10.0 |
| 2020-04-28 | CVE-2016-11056 | Unspecified vulnerability in Netgear Readynas Surveillance 1.1.1/1.1.13/1.4.13 Certain NETGEAR devices are affected by anonymous root access. | 9.0 |
| 2020-04-28 | CVE-2016-11054 | OS Command Injection vulnerability in Netgear Dgn2200 Firmware NETGEAR DGN2200v4 devices before 2017-01-06 are affected by command execution and an FTP insecure root directory. | 9.0 |
| 2020-04-01 | CVE-2018-11106 | Command Injection vulnerability in Netgear products NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5. | 9.8 |
| 2020-02-24 | CVE-2019-12511 | OS Command Injection vulnerability in Netgear Nighthawk X10-R9000 Firmware 1.0.4.24 In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. | 9.3 |
| 2020-01-29 | CVE-2013-3317 | Improper Authentication vulnerability in Netgear Wnr1000 Firmware Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | 10.0 |
| 2020-01-29 | CVE-2013-3316 | Improper Authentication vulnerability in Netgear Wnr1000 Firmware Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | 10.0 |