Vulnerabilities > Netgear > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2023-0848 | Unspecified vulnerability in Netgear Wndr3700 Firmware 1.0.1.14 A vulnerability was found in Netgear WNDR3700v2 1.0.1.14. | 7.5 |
| 2023-02-15 | CVE-2023-0850 | Unspecified vulnerability in Netgear Wndr3700 Firmware 1.0.1.14 A vulnerability was found in Netgear WNDR3700v2 1.0.1.14 and classified as problematic. | 7.5 |
| 2023-02-15 | CVE-2023-24498 | Insufficiently Protected Credentials vulnerability in Netgear Prosafe Fs726Tp Firmware An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text. | 7.5 |
| 2023-02-02 | CVE-2023-23110 | Download of Code Without Integrity Check vulnerability in Netgear products An exploitable firmware modification vulnerability was discovered in certain Netgear products. | 7.4 |
| 2023-01-31 | CVE-2022-48176 | Out-of-bounds Write vulnerability in Netgear products Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow. | 7.8 |
| 2022-12-20 | CVE-2022-46423 | Unspecified vulnerability in Netgear Wnr2000 Firmware An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. | 8.1 |
| 2022-12-20 | CVE-2022-46424 | Unspecified vulnerability in Netgear Xwn5001 Firmware 0.4.1.1 An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. | 8.1 |
| 2022-12-16 | CVE-2022-47208 | OS Command Injection vulnerability in Netgear products The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input. | 8.8 |
| 2022-12-16 | CVE-2022-47209 | Improper Authentication vulnerability in Netgear Rax30 Firmware A support user exists on the device and appears to be a backdoor for Technical Support staff. | 8.8 |
| 2022-12-16 | CVE-2022-47210 | OS Command Injection vulnerability in Netgear Rax30 Firmware The default console presented to users over telnet (when enabled) is restricted to a subset of commands. | 7.8 |