Vulnerabilities > Netgear > Xr500 Firmware > 2.3.2.32
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-14 | CVE-2021-27253 | Out-of-bounds Write vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. | 8.3 |
2021-04-14 | CVE-2021-27252 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.3 |
2021-04-14 | CVE-2021-27251 | Cleartext Transmission of Sensitive Information vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. | 8.3 |
2021-03-23 | CVE-2021-29069 | Command Injection vulnerability in Netgear Wnr2000V5 Firmware, Xr450 Firmware and Xr500 Firmware Certain NETGEAR devices are affected by command injection by an authenticated user. | 5.2 |
2021-03-23 | CVE-2021-29068 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. | 6.5 |
2021-03-05 | CVE-2021-27257 | Improper Certificate Validation vulnerability in Netgear products This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 3.3 |
2021-03-05 | CVE-2021-27256 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.3 |
2021-03-05 | CVE-2021-27255 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.3 |
2021-03-05 | CVE-2021-27254 | Use of Hard-coded Credentials vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. | 8.3 |
2020-12-30 | CVE-2020-35839 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by Stored XSS. | 3.5 |