Filtered by vendor Netgear
Subscriptions
Filtered by product R6700v2
Subscriptions
Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-45498 | 1 Netgear | 2 R6700v2, R6700v2 Firmware | 2024-08-04 | 6.5 Medium |
NETGEAR R6700v2 devices before 1.2.0.88 are affected by authentication bypass. | ||||
CVE-2021-34865 | 1 Netgear | 34 Ac2100, Ac2100 Firmware, Ac2400 and 31 more | 2024-08-04 | 8.8 High |
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13313. |