Vulnerabilities > Netgear > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-02 | CVE-2019-20487 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Wnr1000 Firmware 1.1.0.54 An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. | 8.8 |
| 2020-01-28 | CVE-2013-3074 | Resource Exhaustion vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). | 7.5 |
| 2020-01-09 | CVE-2019-19494 | Classic Buffer Overflow vulnerability in multiple products Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. | 8.8 |
| 2019-11-14 | CVE-2013-3070 | Information Exposure vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN. | 7.5 |
| 2019-10-09 | CVE-2019-17372 | Improper Authentication vulnerability in Netgear products Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. | 8.1 |
| 2019-09-30 | CVE-2019-17049 | SQL Injection vulnerability in Netgear Srx5308 Firmware 4.3.53 NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a new user account. | 7.5 |
| 2019-09-11 | CVE-2019-5055 | NULL Pointer Dereference vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. | 7.5 |
| 2019-09-11 | CVE-2019-5054 | NULL Pointer Dereference vulnerability in Netgear Wnr2000 Firmware 1.0.0.70 An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. | 7.5 |
| 2019-08-14 | CVE-2019-14526 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Mr1100 Firmware 12.05.05.00 An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. | 8.1 |
| 2019-06-03 | CVE-2019-12591 | Command Injection vulnerability in Netgear Insight NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote authenticated users to achieve command injection. | 7.6 |