Vulnerabilities > Netgear > Wndr4700 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-28 | CVE-2013-3074 | Resource Exhaustion vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). | 7.8 |
2020-01-28 | CVE-2013-3071 | Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | 7.5 |
2019-11-14 | CVE-2013-3072 | Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal. | 7.5 |
2019-11-14 | CVE-2013-3070 | Information Exposure vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN. | 5.0 |
2019-11-14 | CVE-2013-3073 | Path Traversal vulnerability in Netgear Wndr4700 Firmware 1.0.0.34 A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34. | 10.0 |
2014-04-25 | CVE-2013-3069 | Cross-Site Scripting vulnerability in Netgear Wndr4700 and Wndr4700 Firmware Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Password to the NAS User Setup page, (3) deviceName to USB_advanced.htm, or (4) Network Key to the Wireless Setup page. | 3.5 |