Known Vulnerabilities for products from Netgear

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Netgear".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Netgear can be found at device.report : Netgear

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-30280 Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attack... 9.8 - CRITICAL 2023-04-26 2023-04-26
CVE-2023-28338 Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartbou... 7.5 - HIGH 2023-03-15 2023-03-15
CVE-2023-28337 When uploading a firmware image to a Netgear Nighthawk Wifi6 Router (RAX30), a hidden “forceFWUpdate” parameter may be pr... 8.8 - HIGH 2023-03-15 2023-03-15
CVE-2023-27853 NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow ... 9.8 - CRITICAL 2023-03-10 2023-03-10
CVE-2023-27852 NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that co... 9.8 - CRITICAL 2023-03-10 2023-03-10
CVE-2023-27851 NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with u... 8.8 - HIGH 2023-03-10 2023-03-10
CVE-2023-27850 NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this fe... 6.8 - MEDIUM 2023-03-10 2023-03-10
CVE-2023-2396 A vulnerability classified as problematic was found in Netgear SRX5308 up to 4.3.5-3. This vulnerability affects unknown code... 6.1 - MEDIUM 2023-04-28 2023-04-28
CVE-2023-2395 A vulnerability classified as problematic has been found in Netgear SRX5308 up to 4.3.5-3. This affects an unknown part of th... 6.1 - MEDIUM 2023-04-28 2023-04-28
CVE-2023-2394 A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been rated as problematic. Affected by this issue is some ... 4.8 - MEDIUM 2023-04-28 2023-04-28
CVE-2022-24655 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.8 - HIGH 2022-03-18 2022-03-25
CVE-2021-41449 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.1 - HIGH 2021-12-09 2021-12-13
CVE-2021-41383 setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to execute arbitrary shell commands via shell metacharacters in t... 7.2 - HIGH 2021-09-17 2021-09-29
CVE-2021-41314 Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty a... 8.8 - HIGH 2021-09-16 2022-07-12
CVE-2021-40867 Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated... 7.1 - HIGH 2021-09-13 2022-01-04
CVE-2021-40866 Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disable... 8.8 - HIGH 2021-09-13 2022-01-04
CVE-2021-40847 The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remot... 8.1 - HIGH 2021-09-21 2021-10-07
CVE-2021-38539 Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44, R6400v2 before 1.0.2.66, R6... 8.8 - HIGH 2021-08-11 2022-07-12
CVE-2021-38538 Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1... 6.1 - MEDIUM 2021-08-11 2021-08-19
CVE-2021-38537 Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before ... 4.8 - MEDIUM 2021-08-11 2021-08-19
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Netgear

Type Vendor Product Version
HardwareNetgear6r7500-
Operating
System		Netgear6r7500 Firmware1.0.0.110
HardwareNetgearAc1200 R6220-
Operating
System		NetgearAc1200 R6220 Firmware1.1.0.86
Operating
System		NetgearAc1450 Firmware-
HardwareNetgearAc2100-
Operating
System		NetgearAc2100 Firmware1.2.0.62
HardwareNetgearAc2400-
Operating
System		NetgearAc2400 Firmware1.2.0.62
HardwareNetgearAc2600-
Operating
System		NetgearAc2600 Firmware1.2.0.62
HardwareNetgearC6300-
Operating
System		NetgearC6300 Firmware-
HardwareNetgearCg3100-
Operating
System		NetgearCg3100 Firmware-
HardwareNetgearCg3700b-
Operating
System		NetgearCg3700b Firmware2.02.03
HardwareNetgearCm400-
Operating
System		NetgearCm400 Firmware2017-01-11
HardwareNetgearCm600-
Results limited to 20 most recent known configurations

Popular searches for "Netgear"

NETGEAR: Networking Products Made For You

www.netgear.com

R: Networking Products Made For You At NETGEAR Easy to use. Powerful. Smart. netgear.com

www.netgear.ru www.netgear.ru www.netgear.com/service-providers www.netgear.ru/service-providers www.netgear.com/service-providers www.netgear.ru/service-providers kbserver.netgear.com/main.asp Netgear Wi-Fi Computer network Router (computing) Meural Network switch Canvas element Power over Ethernet Cloud computing Wireless access point Lanka Education and Research Network Computer security Frame (networking) Internet Protocol 4G Business Parental controls Product (business) Modem DOCSIS

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].