Total
1822 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45545 | 1 Netgear | 22 R7850, R7850 Firmware, R7900p and 19 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-45544 | 1 Netgear | 22 R7850, R7850 Firmware, R7900p and 19 more | 2024-11-21 | 6.5 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-45543 | 1 Netgear | 14 R7900p, R7900p Firmware, R8000 and 11 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, R7900P before 1.4.2.84, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, and RBK852 before 3.2.17.12. | |||||
| CVE-2021-45542 | 1 Netgear | 12 Rax200, Rax200 Firmware, Rax75 and 9 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-45541 | 1 Netgear | 34 Mr60, Mr60 Firmware, Ms60 and 31 more | 2024-11-21 | 6.5 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900 before 1.0.4.38, R7900P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RBR750 before 3.2.16.6, RBR850 before 3.2.16.6, RBS750 before 3.2.16.6, RBS850 before 3.2.16.6, RBK752 before 3.2.16.6, and RBK852 before 3.2.16.6. | |||||
| CVE-2021-45540 | 1 Netgear | 26 Mr60, Mr60 Firmware, Ms60 and 23 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7000 before 1.0.11.126, R7900 before 1.0.4.46, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.3.106, MR60 before 1.0.6.110, RAX45 before 1.0.2.66, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX50 before 1.0.2.66, and RAX75 before 1.0.3.106. | |||||
| CVE-2021-45539 | 1 Netgear | 24 Mr60, Mr60 Firmware, Ms60 and 21 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.28, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.28, and RAX75 before 1.0.3.106. | |||||
| CVE-2021-45538 | 1 Netgear | 16 Rax75, Rax75 Firmware, Rax80 and 13 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45537 | 1 Netgear | 17 Rax200, Rax200 Firmware, Rax75 and 14 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user . This affects RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45536 | 1 Netgear | 16 Rax75, Rax75 Firmware, Rax80 and 13 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45535 | 1 Netgear | 17 Rax200, Rax200 Firmware, Rax75 and 14 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RAX200 before 1.0.3.106, RAX80 before 1.0.3.106, RAX75 before 1.0.3.106, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6. | |||||
| CVE-2021-45534 | 1 Netgear | 34 Ac2100, Ac2100 Firmware, Ac2400 and 31 more | 2024-11-21 | 6.5 MEDIUM | 7.8 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before 1.2.0.88, D7000 before 1.0.1.82, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 before 1.1.0.84, R6350 before 1.1.0.84, R6700v2 before 1.2.0.88, R6800 before 1.2.0.88, R6850 before 1.1.0.84, R6900v2 before 1.2.0.88, R7200 before 1.2.0.88, R7350 before 1.2.0.88, R7400 before 1.2.0.88, and R7450 before 1.2.0.88. | |||||
| CVE-2021-45533 | 1 Netgear | 18 Ex3700, Ex3700 Firmware, Ex3800 and 15 more | 2024-11-21 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6120 before 1.0.0.66, EX6130 before 1.0.0.46, EX7000 before 1.0.1.106, EX7500 before 1.0.1.76, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, RBR850 before 4.6.3.9, RBS850 before 4.6.3.9, and RBK852 before 4.6.3.9. | |||||
| CVE-2021-45532 | 1 Netgear | 2 R8000, R8000 Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| NETGEAR R8000 devices before 1.0.4.76 are affected by command injection by an authenticated user. | |||||
| CVE-2021-45531 | 1 Netgear | 2 D6220, D6220 Firmware | 2024-11-21 | 6.5 MEDIUM | 7.1 HIGH |
| NETGEAR D6220 devices before 1.0.0.76 are affected by command injection by an authenticated user. | |||||
| CVE-2021-45514 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | |||||
| CVE-2021-45513 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 5.8 MEDIUM | 9.6 CRITICAL |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | |||||
| CVE-2021-45459 | 1 Node-windows Project | 1 Node-windows | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter. | |||||
| CVE-2021-45456 | 1 Apache | 1 Kylin | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Apache kylin checks the legitimacy of the project before executing some commands with the project name passed in by the user. There is a mismatch between what is being checked and what is being used as the shell command argument in DiagnosisService. This may cause an illegal project name to pass the check and perform the following steps, resulting in a command injection vulnerability. This issue affects Apache Kylin 4.0.0. | |||||
| CVE-2021-45401 | 1 Tendacn | 2 Ac10u, Ac10u Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function. | |||||