Vulnerabilities > Netgear > Xr500 Firmware > 2.3.2.22
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2018-21118 | Improper Authentication vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass. | 8.8 |
| 2020-04-22 | CVE-2018-21117 | Unspecified vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler. low complexity netgear | 8.8 |
| 2020-04-22 | CVE-2018-21116 | Unspecified vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. low complexity netgear | 8.8 |
| 2020-04-22 | CVE-2018-21115 | Improper Input Validation vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. | 8.8 |
| 2020-04-16 | CVE-2019-20736 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 6.8 |
| 2020-04-16 | CVE-2019-20735 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 6.8 |
| 2020-04-16 | CVE-2019-20727 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-04-16 | CVE-2019-20726 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2020-04-16 | CVE-2019-20725 | Out-of-bounds Write vulnerability in Netgear products Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. | 6.8 |
| 2020-04-16 | CVE-2019-20724 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |