Vulnerabilities > Netgear > Wndr4700 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-01-28 CVE-2013-3071 Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34
NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass.
network
low complexity
netgear CWE-287
critical
 9.8
9.8
2019-11-14 CVE-2013-3072 Improper Authentication vulnerability in Netgear Wndr4700 Firmware 1.0.0.34
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.
network
low complexity
netgear CWE-287
critical
 9.8
9.8
2019-11-14 CVE-2013-3073 Path Traversal vulnerability in Netgear Wndr4700 Firmware 1.0.0.34
A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.
network
low complexity
netgear CWE-22
critical
 9.8
9.8
2017-01-30 CVE-2016-10174 Classic Buffer Overflow vulnerability in Netgear products
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html.
network
low complexity
netgear CWE-120
critical
 9.8
9.8