Filtered by vendor Netgear Subscriptions
Total 1208 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-20655 1 Netgear 4 Xr500, Xr500 Firmware, Xr700 and 1 more 2024-11-21 7.8 High
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR500 before 2.3.2.56 and XR700 before 1.0.1.20.
CVE-2019-20654 1 Netgear 4 Wac505, Wac505 Firmware, Wac510 and 1 more 2024-11-21 7.5 High
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC505 before 8.0.6.4 and WAC510 before 8.0.6.4.
CVE-2019-20653 1 Netgear 4 Wac505, Wac505 Firmware, Wac510 and 1 more 2024-11-21 6.5 Medium
Certain NETGEAR devices are affected by denial of service. This affects WAC505 before 8.0.6.4 and WAC510 before 8.0.6.4.
CVE-2019-20652 1 Netgear 2 Wac505, Wac505 Firmware 2024-11-21 6.5 Medium
NETGEAR WAC505 devices before 8.2.1.16 are affected by disclosure of sensitive information.
CVE-2019-20651 1 Netgear 4 Wac505, Wac505 Firmware, Wac510 and 1 more 2024-11-21 6.7 Medium
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 8.2.1.16 and WAC510 before 8.2.1.16.
CVE-2019-20650 1 Netgear 8 R8900, R8900 Firmware, R9000 and 5 more 2024-11-21 7.5 High
Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.
CVE-2019-20649 1 Netgear 2 Mr1100, Mr1100 Firmware 2024-11-21 7.5 High
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.
CVE-2019-20648 1 Netgear 2 Rn42400, Rn42400 Firmware 2024-11-21 3.5 Low
NETGEAR RN42400 devices before 6.10.2 are affected by incorrect configuration of security settings.
CVE-2019-20647 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 5.7 Medium
NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service.
CVE-2019-20646 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 9.8 Critical
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.
CVE-2019-20645 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 4.8 Medium
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
CVE-2019-20644 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 4.8 Medium
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
CVE-2019-20643 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 7.5 High
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.
CVE-2019-20642 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 8.0 High
NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.
CVE-2019-20641 1 Netgear 2 Rax40, Rax40 Firmware 2024-11-21 8.8 High
NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.
CVE-2019-20640 1 Netgear 34 D3600, D3600 Firmware, D6000 and 31 more 2024-11-21 8.8 High
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.
CVE-2019-20639 1 Netgear 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more 2024-11-21 4.8 Medium
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20638 1 Netgear 2 Mr1100, Mr1100 Firmware 2024-11-21 6.5 Medium
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials.
CVE-2019-20489 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2024-11-21 9.8 Critical
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and other problems that ultimately allow an attacker to remotely compromise the device from a malicious webpage. The attacker sends an FW_remote.htm&todo=cfg_init request without a cookie, reads the Set-Cookie header in the 401 Unauthorized response, and then repeats the FW_remote.htm&todo=cfg_init request with the specified cookie.
CVE-2019-20488 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2024-11-21 9.8 Critical
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are vulnerable to command injection, allowing remote attackers to execute arbitrary commands, as demonstrated by shell metacharacters in the sysDNSHost parameter.