Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-11 CVE-2021-38520 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
network
low complexity
netgear CWE-77
7.2
7.2
2021-08-11 CVE-2021-38521 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
network
low complexity
netgear CWE-77
7.2
7.2
2021-08-11 CVE-2021-38522 Out-of-bounds Write vulnerability in Netgear R6400 Firmware
NETGEAR R6400 devices before 1.0.1.52 are affected by a stack-based buffer overflow by an authenticated user.
network
low complexity
netgear CWE-787
7.2
7.2
2021-08-11 CVE-2021-38523 Out-of-bounds Write vulnerability in Netgear R6400 Firmware
NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user.
network
low complexity
netgear CWE-787
7.2
7.2
2021-04-26 CVE-2021-31802 Out-of-bounds Write vulnerability in Netgear R7000 Firmware
NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication.
low complexity
netgear CWE-787
8.8
8.8
2021-04-14 CVE-2021-27253 Out-of-bounds Write vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800.
low complexity
netgear CWE-787
8.8
8.8
2021-04-14 CVE-2021-27252 OS Command Injection vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76.
low complexity
netgear CWE-78
8.8
8.8
2021-04-14 CVE-2021-27251 Cleartext Transmission of Sensitive Information vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800.
low complexity
netgear CWE-319
8.8
8.8
2021-03-29 CVE-2021-27276 Path Traversal vulnerability in Netgear Prosafe Network Management System 1.6.0.26
This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26.
network
low complexity
netgear CWE-22
7.1
7.1
2021-03-29 CVE-2021-27275 Path Traversal vulnerability in Netgear Prosafe Network Management System 1.6.0.26
This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26.
network
low complexity
netgear CWE-22
8.3
8.3