Vulnerabilities > Netgear > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-17 CVE-2021-44261 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
5.3
2022-03-04 CVE-2021-46382 Cross-site Scripting vulnerability in Netgear Wac120 AC Firmware
Unauthenticated cross-site scripting (XSS) in Netgear WAC120 AC Access Point may lead to mulitple attacks like session hijacking even clipboard hijacking.
network
low complexity
netgear CWE-79
6.1
2022-01-25 CVE-2021-34870 Unspecified vulnerability in Netgear Xr1000 1.0.0.521.0.38
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers.
low complexity
netgear
6.5
2021-12-30 CVE-2021-20168 Improper Authentication vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface.
low complexity
netgear CWE-287
6.8
2021-12-30 CVE-2021-20169 Cleartext Transmission of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface.
low complexity
netgear CWE-319
6.8
2021-12-30 CVE-2021-20171 Cleartext Storage of Sensitive Information vulnerability in Netgear Rax43 Firmware 1.0.3.96
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext.
local
low complexity
netgear CWE-312
5.5
2021-12-30 CVE-2021-23147 Improper Authentication vulnerability in Netgear R6700 Firmware 1.0.4.120
Netgear Nighthawk R6700 version 1.0.4.120 does not have sufficient protections for the UART console.
low complexity
netgear CWE-287
6.8
2021-12-26 CVE-2021-45494 Unspecified vulnerability in Netgear Rbk352 Firmware, Rbr350 Firmware and Rbs350 Firmware
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files.
low complexity
netgear
4.5
2021-12-26 CVE-2021-45515 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by denial of service.
low complexity
netgear
6.5
2021-12-26 CVE-2021-45516 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by denial of service.
low complexity
netgear
4.5