Vulnerabilities > Netgear > Wnr2000V5 Firmware

DATE CVE VULNERABILITY TITLE RISK
2017-05-26 CVE-2017-6862 Classic Buffer Overflow vulnerability in Netgear products
NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp.
network
low complexity
netgear CWE-120
critical
 9.8
9.8
2017-01-30 CVE-2016-10176 Improper Input Validation vulnerability in Netgear Wnr2000V5 Firmware 1.0.0.34
The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device.
network
low complexity
netgear CWE-20
critical
 9.8
9.8
2017-01-30 CVE-2016-10175 Information Exposure vulnerability in Netgear Wnr2000V5 Firmware 1.0.0.34
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI.
network
low complexity
netgear CWE-200
critical
 9.8
9.8
2017-01-30 CVE-2016-10174 Classic Buffer Overflow vulnerability in Netgear products
The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html.
network
low complexity
netgear CWE-120
critical
 9.8
9.8