Vulnerabilities > Netgear > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-11 | CVE-2021-38538 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 6.1 |
2021-08-11 | CVE-2021-38524 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 4.9 |
2021-03-10 | CVE-2020-35233 | Resource Exhaustion vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a denial of service attack. | 6.5 |
2021-03-10 | CVE-2020-35230 | Integer Overflow or Wraparound vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware Multiple integer overflow parameters were found in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. | 6.8 |
2021-03-10 | CVE-2020-35228 | Cross-site Scripting vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware A cross-site scripting (XSS) vulnerability in the administration web panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote attackers to inject arbitrary web script or HTML via the language parameter. | 4.8 |
2021-03-10 | CVE-2020-35225 | Classic Buffer Overflow vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was not properly validating the length of string parameters sent in write requests, potentially allowing denial of service attacks. | 6.8 |
2021-03-10 | CVE-2020-35224 | Classic Buffer Overflow vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot. | 6.5 |
2021-03-05 | CVE-2021-27257 | Unspecified vulnerability in Netgear products This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. low complexity netgear | 6.5 |
2021-02-12 | CVE-2020-27867 | Unspecified vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. low complexity netgear | 6.8 |
2021-02-04 | CVE-2020-27873 | Incorrect Authorization vulnerability in Netgear products This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. | 6.5 |