Vulnerabilities > Netgear > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-26 | CVE-2021-45603 | Information Exposure vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. | 2.1 |
| 2021-12-26 | CVE-2021-45521 | Use of Hard-coded Credentials vulnerability in Netgear Rbk352 Firmware, Rbr350 Firmware and Rbs350 Firmware Certain NETGEAR devices are affected by a hardcoded password. | 3.3 |
| 2021-12-26 | CVE-2021-45516 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by denial of service. low complexity netgear | 2.7 |
| 2021-12-26 | CVE-2021-45515 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by denial of service. low complexity netgear | 3.3 |
| 2021-12-09 | CVE-2021-41449 | Path Traversal vulnerability in Netgear Rax35 Firmware, Rax38 Firmware and Rax40 Firmware A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet. | 3.6 |
| 2021-03-23 | CVE-2021-29082 | Information Exposure vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. | 3.3 |
| 2021-03-10 | CVE-2020-35228 | Cross-site Scripting vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware A cross-site scripting (XSS) vulnerability in the administration web panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote attackers to inject arbitrary web script or HTML via the language parameter. | 3.5 |
| 2021-03-10 | CVE-2020-35221 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers (with access to a network capture) to quickly generate multiple collisions to generate valid passwords, or infer some parts of the original. | 3.3 |
| 2021-03-05 | CVE-2021-27257 | Improper Certificate Validation vulnerability in Netgear products This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 3.3 |
| 2021-02-04 | CVE-2020-27873 | Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. | 3.3 |