Vulnerabilities (CVE)

Filtered by vendor Netgear Subscribe
Filtered by product Ac1200 R6220
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47052 1 Netgear 2 Ac1200 R6220, Ac1200 R6220 Firmware 2024-11-21 N/A 6.1 MEDIUM
The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
CVE-2019-17137 1 Netgear 2 Ac1200 R6220, Ac1200 R6220 Firmware 2024-11-21 7.5 HIGH 9.4 CRITICAL
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings. By inserting a null byte into the path, the user can skip most authentication checks. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-8616.