Vulnerabilities > Netgear > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-26 | CVE-2021-45658 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by server-side injection. | 9.8 |
| 2021-12-26 | CVE-2021-45678 | Unspecified vulnerability in Netgear Rax200 Firmware NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. | 9.8 |
| 2021-08-11 | CVE-2021-38530 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.8 |
| 2021-08-11 | CVE-2021-38527 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.8 |
| 2021-08-11 | CVE-2021-38528 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.8 |
| 2021-08-11 | CVE-2021-38529 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.8 |
| 2021-08-11 | CVE-2021-38513 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 9.8 |
| 2021-08-11 | CVE-2021-38516 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by lack of access control at the function level. | 9.8 |
| 2021-06-30 | CVE-2021-35973 | Incorrect Comparison vulnerability in Netgear Wac104 Firmware 1.0.4.13 NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the ¤tsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. | 9.8 |
| 2021-05-21 | CVE-2021-33514 | OS Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. | 9.8 |