Vulnerabilities > Netgear > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2024-35518 Command Injection vulnerability in Netgear Ex6120 Firmware
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter.
low complexity
netgear CWE-77
6.8
6.8
2024-10-14 CVE-2024-35519 Command Injection vulnerability in Netgear Ex3700 Firmware, Ex6100 Firmware and Ex6120 Firmware
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
low complexity
netgear CWE-77
6.8
6.8
2024-10-14 CVE-2024-35520 Command Injection vulnerability in Netgear R7000 Firmware 1.0.11.136
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.
low complexity
netgear CWE-77
6.8
6.8
2024-06-07 CVE-2024-36788 Unspecified vulnerability in Netgear Wnr614 Firmware 1.1.0.541.0.1
Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies.
network
high complexity
netgear
4.8
4.8
2024-05-03 CVE-2023-40478 Out-of-bounds Write vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability.
low complexity
netgear CWE-787
6.8
6.8
2024-05-03 CVE-2023-27357 Missing Authentication for Critical Function vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability.
low complexity
netgear CWE-306
6.5
6.5
2024-05-03 CVE-2023-27370 Cleartext Storage of Sensitive Information vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 Device Configuration Cleartext Storage Information Disclosure Vulnerability.
low complexity
netgear CWE-312
5.7
5.7
2024-05-03 CVE-2023-34283 Link Following vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability.
low complexity
netgear CWE-59
4.6
4.6
2024-05-03 CVE-2023-34284 Use of Hard-coded Credentials vulnerability in Netgear Rax30 Firmware
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability.
low complexity
netgear CWE-798
6.3
6.3
2024-02-11 CVE-2024-1431 Unspecified vulnerability in Netgear R7000 Firmware 1.0.11.13610.2.120
A vulnerability was found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic.
low complexity
netgear
6.5
6.5