Vulnerabilities > Netgear > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-30 CVE-2021-20167 Command Injection vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability.
low complexity
netgear CWE-77
8.0
8.0
2021-12-30 CVE-2021-20170 Use of Hard-coded Credentials vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials.
network
low complexity
netgear CWE-798
8.8
8.8
2021-12-30 CVE-2021-20172 Incorrect Permission Assignment for Critical Resource vulnerability in Netgear Genie Installer
All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability.
local
low complexity
netgear CWE-732
7.8
7.8
2021-12-30 CVE-2021-20173 OS Command Injection vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update functionality of the device.
network
low complexity
netgear CWE-78
8.8
8.8
2021-12-30 CVE-2021-20174 Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the web interface.
network
low complexity
netgear CWE-319
7.5
7.5
2021-12-30 CVE-2021-20175 Cleartext Transmission of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface.
network
low complexity
netgear CWE-319
7.5
7.5
2021-12-30 CVE-2021-45077 Cleartext Storage of Sensitive Information vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 stores sensitive information in plaintext.
network
low complexity
netgear CWE-312
7.5
7.5
2021-12-30 CVE-2021-45732 Use of Hard-coded Credentials vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential.
network
low complexity
netgear CWE-798
8.8
8.8
2021-12-26 CVE-2021-45493 Information Exposure vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware
Certain NETGEAR devices are affected by disclosure of administrative credentials.
network
low complexity
netgear CWE-200
7.5
7.5
2021-12-26 CVE-2021-45499 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by authentication bypass.
network
low complexity
netgear
8.8
8.8