Vulnerabilities > Netgear > Xr500 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-23 | CVE-2021-29068 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. | 8.8 |
| 2021-03-05 | CVE-2021-27256 | OS Command Injection vulnerability in Netgear products This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.8 |
| 2021-03-05 | CVE-2021-27255 | Missing Authentication for Critical Function vulnerability in Netgear products This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 8.8 |
| 2021-03-05 | CVE-2021-27254 | Use of Hard-coded Credentials vulnerability in Netgear products This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. | 8.8 |
| 2020-12-30 | CVE-2020-35839 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by Stored XSS. | 8.1 |
| 2020-12-30 | CVE-2020-35831 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 8.1 |
| 2020-12-30 | CVE-2020-35787 | Classic Buffer Overflow vulnerability in Netgear products Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. | 8.0 |
| 2020-04-22 | CVE-2018-21118 | Improper Authentication vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass. | 8.8 |
| 2020-04-22 | CVE-2018-21117 | Unspecified vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler. low complexity netgear | 8.8 |
| 2020-04-22 | CVE-2018-21116 | Unspecified vulnerability in Netgear Xr500 Firmware 2.3.2.22 NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. low complexity netgear | 8.8 |