Vulnerabilities > Netgear > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-26 | CVE-2022-27946 | OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158 NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to admin_account.cgi. | 8.8 |
| 2022-03-26 | CVE-2022-27947 | OS Command Injection vulnerability in Netgear R8500 Firmware 1.0.2.158 NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameter. | 8.8 |
| 2022-03-18 | CVE-2022-24655 | Out-of-bounds Write vulnerability in Netgear products A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication. | 7.8 |
| 2022-03-17 | CVE-2021-44262 | Missing Authentication for Critical Function vulnerability in Netgear products A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. | 7.5 |
| 2022-01-25 | CVE-2021-34865 | Incorrect Comparison vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. | 8.8 |
| 2022-01-13 | CVE-2021-34977 | Improper Authentication vulnerability in Netgear R7000 Firmware 1.0.11.11610.2.100 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. | 8.8 |
| 2022-01-13 | CVE-2021-34978 | Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. | 8.8 |
| 2022-01-13 | CVE-2021-34979 | Classic Buffer Overflow vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. | 8.8 |
| 2022-01-13 | CVE-2021-34980 | Out-of-bounds Write vulnerability in Netgear R6260 Firmware 1.1.0.781.0.1 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.78_1.0.1 routers. | 8.8 |
| 2021-12-30 | CVE-2021-20166 | Classic Buffer Overflow vulnerability in Netgear Rax43 Firmware 1.0.3.96 Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. | 8.8 |