Known Vulnerabilities for products from Netgear
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Netgear".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Netgear can be found at device.report : Netgear
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24655 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-03-18 | 2022-03-25 |
| CVE-2021-41449 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.1 - HIGH | 2021-12-09 | 2021-12-13 |
| CVE-2021-41383 | setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in t... | 7.2 - HIGH | 2021-09-17 | 2021-09-29 |
| CVE-2021-41314 | Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty a... | 8.8 - HIGH | 2021-09-16 | 2022-07-12 |
| CVE-2021-40867 | Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated... | 7.1 - HIGH | 2021-09-13 | 2023-08-08 |
| CVE-2021-40866 | Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disable... | 8.8 - HIGH | 2021-09-13 | 2023-08-08 |
| CVE-2021-40847 | The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remot... | 8.1 - HIGH | 2021-09-21 | 2021-10-07 |
| CVE-2021-38539 | Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44, R6400v2 before 1.0.2.66, R6... | 8.8 - HIGH | 2021-08-11 | 2022-07-12 |
| CVE-2021-38538 | Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1... | 6.1 - MEDIUM | 2021-08-11 | 2021-08-19 |
| CVE-2021-38537 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before ... | 4.8 - MEDIUM | 2021-08-11 | 2021-08-19 |
| CVE-2021-38536 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before ... | 4.8 - MEDIUM | 2021-08-11 | 2021-08-19 |
| CVE-2021-38535 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before ... | 4.8 - MEDIUM | 2021-08-11 | 2021-08-19 |
| CVE-2021-38534 | Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1... | 4.8 - MEDIUM | 2021-08-11 | 2021-08-19 |
| CVE-2021-38533 | NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS. | 5.4 - MEDIUM | 2021-08-11 | 2021-08-19 |
| CVE-2021-38532 | NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings. | 7.2 - HIGH | 2021-08-11 | 2021-08-19 |
| CVE-2021-38531 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.40, D7... | 7.2 - HIGH | 2021-08-11 | 2021-08-19 |
| CVE-2021-38530 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK40 before 2.5.1.16,... | 9.8 - CRITICAL | 2021-08-11 | 2021-08-19 |
| CVE-2021-38529 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.56,... | 9.8 - CRITICAL | 2021-08-11 | 2021-08-18 |
| CVE-2021-38528 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58,... | 9.8 - CRITICAL | 2021-08-11 | 2021-08-18 |
| CVE-2021-38527 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14,... | 9.8 - CRITICAL | 2021-08-11 | 2021-08-19 |
Known software with vulnerabilities from Netgear
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Netgear | 6r7500 | - |
| Operating System | Netgear | 6r7500 Firmware | 1.0.0.110 |
| Hardware | Netgear | Ac1200 R6220 | - |
| Operating System | Netgear | Ac1200 R6220 Firmware | 1.1.0.86 |
| Operating System | Netgear | Ac1450 Firmware | - |
| Hardware | Netgear | Ac2100 | - |
| Operating System | Netgear | Ac2100 Firmware | 1.2.0.62 |
| Hardware | Netgear | Ac2400 | - |
| Operating System | Netgear | Ac2400 Firmware | 1.2.0.62 |
| Hardware | Netgear | Ac2600 | - |
| Operating System | Netgear | Ac2600 Firmware | 1.2.0.62 |
| Hardware | Netgear | C6300 | - |
| Operating System | Netgear | C6300 Firmware | - |
| Hardware | Netgear | Cg3100 | - |
| Operating System | Netgear | Cg3100 Firmware | - |
| Hardware | Netgear | Cg3700b | - |
| Operating System | Netgear | Cg3700b Firmware | 2.02.03 |
| Hardware | Netgear | Cm400 | - |
| Operating System | Netgear | Cm400 Firmware | 2017-01-11 |
| Hardware | Netgear | Cm600 | - |