Vulnerabilities > Netgear > Wnr2000V5 Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-26 | CVE-2021-45658 | Injection vulnerability in Netgear products Certain NETGEAR devices are affected by server-side injection. | 9.8 |
| 2021-12-26 | CVE-2021-45619 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.8 |
| 2021-12-26 | CVE-2021-45618 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. | 9.8 |
| 2020-12-30 | CVE-2020-35799 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. | 9.8 |
| 2017-05-26 | CVE-2017-6862 | Classic Buffer Overflow vulnerability in Netgear products NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. | 9.8 |
| 2017-01-30 | CVE-2016-10174 | Classic Buffer Overflow vulnerability in Netgear products The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. | 9.8 |
| 2017-01-30 | CVE-2016-10175 | Information Exposure vulnerability in Netgear Wnr2000V5 Firmware 1.0.0.34 The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. | 9.8 |
| 2017-01-30 | CVE-2016-10176 | Improper Input Validation vulnerability in Netgear Wnr2000V5 Firmware 1.0.0.34 The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. | 9.8 |