Vulnerabilities > Netgear > Xr500 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-26 | CVE-2021-45550 | Command Injection vulnerability in Netgear products Certain NETGEAR devices are affected by command injection by an authenticated user. | 6.8 |
| 2021-12-26 | CVE-2021-45603 | Information Exposure vulnerability in Netgear products Certain NETGEAR devices are affected by disclosure of sensitive information. | 5.5 |
| 2021-08-11 | CVE-2021-38534 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2021-08-11 | CVE-2021-38538 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 6.1 |
| 2021-03-05 | CVE-2021-27257 | Improper Certificate Validation vulnerability in Netgear products This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. | 6.5 |
| 2020-12-30 | CVE-2020-35838 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2020-12-30 | CVE-2020-35837 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2020-12-30 | CVE-2020-35836 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2020-12-30 | CVE-2020-35835 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |
| 2020-12-30 | CVE-2020-35834 | Cross-site Scripting vulnerability in Netgear products Certain NETGEAR devices are affected by stored XSS. | 4.8 |