Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2016-08-31 CVE-2016-5676 Improper Authorization vulnerability in multiple products
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.
network
low complexity
netgear nuuo CWE-285
7.5
2016-06-20 CVE-2015-8289 Information Exposure vulnerability in Netgear D3600 Firmware and D6000 Firmware
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
network
low complexity
netgear CWE-200
7.5
2016-04-06 CVE-2015-6312 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.
network
low complexity
dell netgear zyxel zzinc CWE-119
7.5
2016-03-26 CVE-2016-1349 Resource Management Errors vulnerability in multiple products
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.
network
low complexity
cisco samsung sun intel zyxel netgear zzinc CWE-399
7.5
2016-03-26 CVE-2016-1348 Resource Management Errors vulnerability in multiple products
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
network
low complexity
cisco samsung sun zyxel netgear zzinc CWE-399
7.5
2016-03-03 CVE-2015-0718 Resource Management Errors vulnerability in multiple products
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.
network
low complexity
cisco samsung sun zyxel netgear zzinc CWE-399
7.5
2016-02-13 CVE-2016-1525 Path Traversal vulnerability in Netgear Prosafe Network Management Software 300 1.5.0.11
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a ..
network
low complexity
netgear CWE-22
8.6
2015-12-27 CVE-2015-8263 Unspecified vulnerability in Netgear Wnr1000V3 and Wnr1000V3 Firmware
NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port.
network
low complexity
netgear
8.6