Filtered by vendor Netgear
Subscriptions
Total
1155 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3517 | 1 Netgear | 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more | 2024-08-06 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L. | ||||
| CVE-2013-3316 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-08-06 | 9.8 Critical |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | ||||
| CVE-2013-3317 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-08-06 | 9.8 Critical |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | ||||
| CVE-2013-3069 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Password to the NAS User Setup page, (3) deviceName to USB_advanced.htm, or (4) Network Key to the Wireless Setup page. | ||||
| CVE-2013-3073 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-08-06 | 9.8 Critical |
| A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34. | ||||
| CVE-2013-3070 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-08-06 | 7.5 High |
| An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN. | ||||
| CVE-2013-3071 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-08-06 | 9.8 Critical |
| NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | ||||
| CVE-2013-3074 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-08-06 | 7.5 High |
| NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). | ||||
| CVE-2013-3072 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-08-06 | 9.8 Critical |
| An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal. | ||||
| CVE-2013-2752 | 1 Netgear | 1 Raidiator | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. | ||||
| CVE-2013-2751 | 1 Netgear | 1 Raidiator | 2024-08-06 | N/A |
| Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow." | ||||
| CVE-2014-4927 | 3 Acme, Dlink, Netgear | 5 Micro Httpd, Dsl2740u, Dsl2750u and 2 more | 2024-08-06 | N/A |
| Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request. | ||||
| CVE-2014-4864 | 1 Netgear | 1 Prosafe Firmware | 2024-08-06 | N/A |
| The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing cleartext passwords, which might allow remote attackers to obtain sensitive information by reading a file. | ||||
| CVE-2014-3919 | 1 Netgear | 2 Cg3100, Cg3100 Firmware | 2024-08-06 | 9.3 Critical |
| A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspecified page, which could let a malicious user obtain sensitive information. | ||||
| CVE-2014-2969 | 1 Netgear | 2 Gs108pe, Gs108pe Firmware | 2024-08-06 | N/A |
| NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to (1) produce_burn.cgi, (2) register_debug.cgi, or (3) bootcode_update.cgi. | ||||
| CVE-2015-8263 | 1 Netgear | 2 Wnr1000v3, Wnr1000v3 Firmware | 2024-08-06 | N/A |
| NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port. | ||||
| CVE-2015-8288 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2024-08-06 | N/A |
| NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. | ||||
| CVE-2015-8289 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2024-08-06 | N/A |
| The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code. | ||||
| CVE-2015-6312 | 5 Cisco, Dell, Netgear and 2 more | 9 Telepresence Server 7010, Telepresence Server Mse 8710, Telepresence Server On Multiparty Media 310 and 6 more | 2024-08-06 | N/A |
| Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. | ||||
| CVE-2015-0718 | 6 Cisco, Netgear, Samsung and 3 more | 7 Nx-os, Unified Computing System, Jr6150 Firmware and 4 more | 2024-08-06 | N/A |
| Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579. | ||||