Vulnerabilities > Netgear > Xr500 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-23 CVE-2021-29068 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
network
low complexity
netgear CWE-120
8.8
2021-03-05 CVE-2021-27256 Unspecified vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76.
low complexity
netgear
8.8
2021-03-05 CVE-2021-27255 Unspecified vulnerability in Netgear products
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76.
low complexity
netgear
8.8
2021-03-05 CVE-2021-27254 Use of Hard-coded Credentials vulnerability in Netgear products
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800.
low complexity
netgear CWE-798
8.8
2020-12-30 CVE-2020-35839 Cross-site Scripting vulnerability in Netgear products
Certain NETGEAR devices are affected by Stored XSS.
network
low complexity
netgear CWE-79
8.1
2020-12-30 CVE-2020-35831 Cross-site Scripting vulnerability in Netgear products
Certain NETGEAR devices are affected by stored XSS.
network
low complexity
netgear CWE-79
8.1
2020-12-30 CVE-2020-35787 Classic Buffer Overflow vulnerability in Netgear products
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user.
low complexity
netgear CWE-120
8.0
2020-04-22 CVE-2018-21118 Improper Authentication vulnerability in Netgear Xr500 Firmware 2.3.2.22
NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass.
low complexity
netgear CWE-287
8.8
2020-04-22 CVE-2018-21117 Unspecified vulnerability in Netgear Xr500 Firmware 2.3.2.22
NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler.
low complexity
netgear
8.8
2020-04-22 CVE-2018-21116 Unspecified vulnerability in Netgear Xr500 Firmware 2.3.2.22
NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers.
low complexity
netgear
8.8