Vulnerabilities > Netgear > Xr300 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-36499 Classic Buffer Overflow vulnerability in Netgear Xr300 Firmware 1.0.3.78
Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi.
network
low complexity
netgear CWE-120
8.8
8.8
2023-03-29 CVE-2022-27643 Classic Buffer Overflow vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers.
low complexity
netgear CWE-120
8.8
8.8
2021-12-26 CVE-2021-45512 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netgear products
Certain NETGEAR devices are affected by weak cryptography.
network
low complexity
netgear CWE-327
critical
 9.8
9.8
2021-12-26 CVE-2021-45527 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
network
low complexity
netgear CWE-120
critical
 9.8
9.8
2021-12-26 CVE-2021-45605 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user.
network
low complexity
netgear CWE-787
8.8
8.8
2021-12-26 CVE-2021-45609 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-120
critical
 9.8
9.8
2021-12-26 CVE-2021-45610 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-120
critical
 9.8
9.8
2021-12-26 CVE-2021-45611 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker.
network
low complexity
netgear CWE-120
critical
 9.8
9.8
2021-12-26 CVE-2021-45612 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45617 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8