Vulnerabilities > Netgear > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2020-27872 | Exposure of Resource to Wrong Sphere vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. | 8.8 |
| 2020-12-30 | CVE-2020-35841 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 7.6 |
| 2020-12-30 | CVE-2020-35839 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by Stored XSS. | 8.1 |
| 2020-12-30 | CVE-2020-35831 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 8.1 |
| 2020-12-30 | CVE-2020-35802 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. | 7.5 |
| 2020-12-30 | CVE-2020-35801 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by incorrect configuration of security settings. low complexity netgear | 7.3 |
| 2020-12-30 | CVE-2020-35798 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 7.8 |
| 2020-12-30 | CVE-2020-35789 | OS Command Injection vulnerability in Netgear Nms300 Firmware NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user. | 8.8 |
| 2020-12-30 | CVE-2020-35787 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. | 8.0 |
| 2020-12-30 | CVE-2020-35785 | Improper Authentication vulnerability in Netgear Dgn2200 Firmware 1.0.0.507.0.50/1.0.0.55/1.0.0.58 NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication (aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365). | 8.8 |