Filtered by vendor Netgear
Subscribe
Total
1142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20656 | 1 Netgear | 30 D6200, D6200 Firmware, D7000 and 27 more | 2024-11-21 | 3.3 LOW | 8.8 HIGH |
| Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.24, JR6150 before 1.0.1.24, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6230 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, and WNR2020 before 1.1.0.62. | |||||
| CVE-2019-20655 | 1 Netgear | 4 Xr500, Xr500 Firmware, Xr700 and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR500 before 2.3.2.56 and XR700 before 1.0.1.20. | |||||
| CVE-2019-20654 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC505 before 8.0.6.4 and WAC510 before 8.0.6.4. | |||||
| CVE-2019-20653 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Certain NETGEAR devices are affected by denial of service. This affects WAC505 before 8.0.6.4 and WAC510 before 8.0.6.4. | |||||
| CVE-2019-20652 | 1 Netgear | 2 Wac505, Wac505 Firmware | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| NETGEAR WAC505 devices before 8.2.1.16 are affected by disclosure of sensitive information. | |||||
| CVE-2019-20651 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 8.2.1.16 and WAC510 before 8.2.1.16. | |||||
| CVE-2019-20650 | 1 Netgear | 8 R8900, R8900 Firmware, R9000 and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. | |||||
| CVE-2019-20649 | 1 Netgear | 2 Mr1100, Mr1100 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information. | |||||
| CVE-2019-20648 | 1 Netgear | 2 Rn42400, Rn42400 Firmware | 2024-11-21 | 2.7 LOW | 3.5 LOW |
| NETGEAR RN42400 devices before 6.10.2 are affected by incorrect configuration of security settings. | |||||
| CVE-2019-20647 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 2.7 LOW | 5.7 MEDIUM |
| NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service. | |||||
| CVE-2019-20646 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials. | |||||
| CVE-2019-20645 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS. | |||||
| CVE-2019-20644 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS. | |||||
| CVE-2019-20643 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information. | |||||
| CVE-2019-20642 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
| NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass. | |||||
| CVE-2019-20641 | 1 Netgear | 2 Rax40, Rax40 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level. | |||||
| CVE-2019-20640 | 1 Netgear | 34 D3600, D3600 Firmware, D6000 and 31 more | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32. | |||||
| CVE-2019-20639 | 1 Netgear | 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30. | |||||
| CVE-2019-20638 | 1 Netgear | 2 Mr1100, Mr1100 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials. | |||||
| CVE-2019-20489 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and other problems that ultimately allow an attacker to remotely compromise the device from a malicious webpage. The attacker sends an FW_remote.htm&todo=cfg_init request without a cookie, reads the Set-Cookie header in the 401 Unauthorized response, and then repeats the FW_remote.htm&todo=cfg_init request with the specified cookie. | |||||