Vulnerabilities > Netgear > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-09 | CVE-2020-26901 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. low complexity netgear | 6.5 |
| 2020-10-09 | CVE-2020-26899 | Unspecified vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. low complexity netgear | 6.5 |
| 2020-08-28 | CVE-2020-5621 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs716Tv2 Firmware and Gs724Tv3 Firmware Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors. | 4.3 |
| 2020-08-20 | CVE-2020-15634 | Use of Externally-Controlled Format String vulnerability in Netgear R6700 Firmware This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.84_10.0.58. | 6.3 |
| 2020-07-28 | CVE-2020-15417 | Stack-based Buffer Overflow vulnerability in Netgear R6700 Firmware 1.0.4.8410.0.58 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. | 6.3 |
| 2020-07-28 | CVE-2020-10930 | Unspecified vulnerability in Netgear R6700 Firmware 1.0.4.8410.0.58 This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. low complexity netgear | 6.5 |
| 2020-06-18 | CVE-2020-14434 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-06-18 | CVE-2020-14433 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-05-28 | CVE-2020-13245 | Improper Certificate Validation vulnerability in Netgear products Certain NETGEAR devices are affected by Missing SSL Certificate Validation. | 5.9 |
| 2020-05-18 | CVE-2020-11550 | Unspecified vulnerability in Netgear Rbs50Y Firmware, Srr60 Firmware and Srs60 Firmware An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. low complexity netgear | 6.5 |