Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2019-20649 Unspecified vulnerability in Netgear Mr1100 Firmware 12.05.05.00/12.06.03
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.
network
low complexity
netgear
7.5
7.5
2020-04-15 CVE-2019-20643 Unspecified vulnerability in Netgear Rax40 Firmware 1.0.3.62
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.
network
low complexity
netgear
7.5
7.5
2020-04-15 CVE-2019-20642 Unspecified vulnerability in Netgear Rax40 Firmware 1.0.3.62
NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.
low complexity
netgear
8.0
8.0
2020-04-15 CVE-2019-20641 Unspecified vulnerability in Netgear Rax40 Firmware 1.0.3.62
NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.
low complexity
netgear
8.8
8.8
2020-04-15 CVE-2019-20640 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-787
8.8
8.8
2020-04-15 CVE-2020-11770 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
network
low complexity
netgear CWE-77
8.8
8.8
2020-04-15 CVE-2019-20767 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.
network
low complexity
netgear CWE-787
7.2
7.2
2020-03-23 CVE-2016-11022 OS Command Injection vulnerability in Netgear products
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.
network
low complexity
netgear CWE-78
7.2
7.2
2020-03-13 CVE-2019-13395 Cross-Site Request Forgery (CSRF) vulnerability in Netgear Cg3700B Firmware 2.02.03
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs.
network
low complexity
netgear CWE-352
8.8
8.8
2020-03-13 CVE-2019-13393 Insecure Default Initialization of Resource vulnerability in Netgear Cg3700B Firmware 2.02.03
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key.
network
low complexity
netgear CWE-1188
7.5
7.5