Vulnerabilities > Netgear > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-17 | CVE-2022-42221 | Unspecified vulnerability in Netgear R6220 Firmware 1.1.0.1141.0.1 Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability. | 8.8 |
2022-09-20 | CVE-2022-38955 | Improper Validation of Integrity Check Value vulnerability in Netgear Wpn824Ext Firmware 1.1.11.1.9 An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. | 7.5 |
2022-09-08 | CVE-2022-30079 | OS Command Injection vulnerability in Netgear R6200 R6200V2V1.0.3.12 Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter. | 8.8 |
2022-09-07 | CVE-2022-30078 | OS Command Injection vulnerability in Netgear R6200 Firmware and R6300 Firmware NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters. | 8.8 |
2022-05-13 | CVE-2022-29383 | SQL Injection vulnerability in Netgear Ssl312 Firmware Fvs336Gv2/Fvs336Gv3 NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. | 7.5 |
2022-03-18 | CVE-2022-24655 | Out-of-bounds Write vulnerability in Netgear products A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication. | 7.2 |
2022-01-25 | CVE-2021-34865 | Incorrect Comparison vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. | 8.8 |
2022-01-13 | CVE-2021-34978 | Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. | 8.3 |
2022-01-13 | CVE-2021-34979 | Classic Buffer Overflow vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. | 8.3 |
2022-01-13 | CVE-2021-34980 | Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. | 8.3 |