Vulnerabilities > Netgear > Wndap350 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-04-28 CVE-2017-18863 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command execution via a PHP form.
local
low complexity
netgear CWE-74
7.1
2020-04-27 CVE-2018-21097 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-787
critical
9.8
2020-04-27 CVE-2018-21096 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
low complexity
netgear CWE-352
7.4
2020-04-27 CVE-2018-21094 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by incorrect configuration of security settings.
network
low complexity
netgear
7.3
2020-04-22 CVE-2018-21120 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
network
low complexity
netgear CWE-352
8.0
2020-04-21 CVE-2017-18805 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection.
local
low complexity
netgear CWE-74
6.7
2020-04-21 CVE-2017-18806 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection.
local
low complexity
netgear CWE-74
6.7
2017-04-21 CVE-2016-1557 Information Exposure vulnerability in Netgear products
Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.
network
low complexity
netgear CWE-200
critical
9.8
2017-04-21 CVE-2016-1556 Information Exposure vulnerability in Netgear products
Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.
network
low complexity
netgear CWE-200
7.5
2017-04-21 CVE-2016-1555 Command Injection vulnerability in Netgear products
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
network
low complexity
netgear CWE-77
critical
9.8