Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-13 CVE-2021-34977 Improper Authentication vulnerability in Netgear R7000 Firmware 1.0.11.11610.2.100
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers.
low complexity
netgear CWE-287
8.8
8.8
2022-01-13 CVE-2021-34978 Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-787
8.8
8.8
2022-01-13 CVE-2021-34979 Classic Buffer Overflow vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-120
8.8
8.8
2022-01-13 CVE-2021-34980 Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers.
low complexity
netgear CWE-787
8.8
8.8
2021-12-30 CVE-2021-20166 Classic Buffer Overflow vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability.
low complexity
netgear CWE-120
8.8
8.8
2021-12-30 CVE-2021-20167 Command Injection vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability.
low complexity
netgear CWE-77
8.0
8.0
2021-12-30 CVE-2021-20170 Use of Hard-coded Credentials vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials.
network
low complexity
netgear CWE-798
8.8
8.8
2021-12-30 CVE-2021-20172 Incorrect Permission Assignment for Critical Resource vulnerability in Netgear Genie Installer
All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability.
local
low complexity
netgear CWE-732
7.8
7.8
2021-12-30 CVE-2021-20173 OS Command Injection vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device.
network
low complexity
netgear CWE-78
8.8
8.8
2021-12-30 CVE-2021-20174 Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface.
network
low complexity
netgear CWE-319
7.5
7.5