Vulnerabilities > Netgear > Wac104 Firmware > 1.0.4.13

DATE CVE VULNERABILITY TITLE RISK
2022-03-17 CVE-2021-44261 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
5.0
5.0
2022-03-17 CVE-2021-44262 Missing Authentication for Critical Function vulnerability in Netgear products
A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication.
network
low complexity
netgear CWE-306
5.0
5.0
2021-06-30 CVE-2021-35973 Incorrect Comparison vulnerability in Netgear Wac104 Firmware 1.0.4.13
NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the &currentsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866.
network
low complexity
netgear CWE-697
critical
 10.0
10