Vulnerabilities > Netgear > Wnr3500L Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-04-16 CVE-2019-20737 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
local
low complexity
netgear CWE-787
4.6
4.6
2020-04-16 CVE-2019-20734 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
low complexity
netgear CWE-120
5.8
5.8
2020-04-16 CVE-2019-20733 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
local
low complexity
netgear CWE-787
4.6
4.6
2020-04-16 CVE-2019-20732 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an authenticated user.
local
low complexity
netgear CWE-77
4.6
4.6
2020-04-16 CVE-2019-20729 Improper Input Validation vulnerability in Netgear products
Certain NETGEAR devices are affected by incorrect configuration of security settings.
local
low complexity
netgear CWE-20
2.1
2.1
2020-04-16 CVE-2019-20728 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
local
low complexity
netgear CWE-120
4.6
4.6
2020-04-16 CVE-2019-20712 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
low complexity
netgear CWE-120
5.2
5.2
2020-04-16 CVE-2019-20700 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
local
low complexity
netgear CWE-787
4.6
4.6
2020-04-16 CVE-2019-20692 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker.
local
low complexity
netgear CWE-787
4.6
4.6
2019-11-13 CVE-2013-3516 Cross-Site Request Forgery (CSRF) vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware
NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens.
network
netgear CWE-352
4.3
4.3