Vulnerabilities > Netgear > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-30 | CVE-2021-35973 | Incorrect Comparison vulnerability in Netgear Wac104 Firmware 1.0.4.13 NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the ¤tsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. | 9.8 |
| 2021-05-21 | CVE-2021-33514 | OS Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. | 9.8 |
| 2021-03-29 | CVE-2021-27274 | Unspecified vulnerability in Netgear Prosafe Network Management System 1.6.0.26 This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. | 9.8 |
| 2021-03-23 | CVE-2021-29079 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29078 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29077 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29076 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.6 |
| 2021-03-23 | CVE-2021-29071 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 9.0 |
| 2021-03-23 | CVE-2021-29067 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 9.6 |
| 2021-03-23 | CVE-2021-29066 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by authentication bypass. | 9.6 |