Vulnerabilities > Netgear > Wndap660 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-04-28 CVE-2017-18863 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command execution via a PHP form.
local
low complexity
netgear CWE-74
7.1
2020-04-27 CVE-2018-21097 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-787
critical
9.8
2020-04-27 CVE-2018-21096 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
low complexity
netgear CWE-352
7.4
2020-04-27 CVE-2018-21094 Unspecified vulnerability in Netgear products
Certain NETGEAR devices are affected by incorrect configuration of security settings.
network
low complexity
netgear
7.3
2020-04-22 CVE-2018-21120 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
network
low complexity
netgear CWE-352
8.0
2020-04-21 CVE-2017-18805 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection.
local
low complexity
netgear CWE-74
6.7
2020-04-21 CVE-2017-18806 Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection.
local
low complexity
netgear CWE-74
6.7
2017-04-21 CVE-2016-1555 Command Injection vulnerability in Netgear products
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
network
low complexity
netgear CWE-77
critical
9.8