Vulnerabilities > Netgear > Xr300 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-12-26 CVE-2021-45620 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45621 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45622 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45624 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45625 Command Injection vulnerability in Netgear R6900P Firmware, R7000P Firmware and Xr300 Firmware
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-12-26 CVE-2021-45639 Cross-site Scripting vulnerability in Netgear products
Certain NETGEAR devices are affected by reflected XSS.
network
low complexity
netgear CWE-79
6.1
6.1
2021-11-15 CVE-2021-34991 Out-of-bounds Write vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers.
low complexity
netgear CWE-787
8.8
8.8
2021-08-11 CVE-2021-38528 Command Injection vulnerability in Netgear products
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker.
network
low complexity
netgear CWE-77
critical
 9.8
9.8
2021-08-11 CVE-2021-38517 Out-of-bounds Write vulnerability in Netgear products
Certain NETGEAR devices are affected by out-of-bounds reads and writes.
network
low complexity
netgear CWE-787
7.2
7.2
2021-03-29 CVE-2021-27239 Stack-based Buffer Overflow vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers.
low complexity
netgear CWE-121
8.8
8.8