Vulnerabilities (CVE)

Filtered by vendor Netgear Subscribe

Filtered by product Mr1100

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-20649	1 Netgear	2 Mr1100, Mr1100 Firmware	2021-07-21	5.0 MEDIUM	7.5 HIGH
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.
CVE-2019-14526	1 Netgear	2 Mr1100, Mr1100 Firmware	2019-08-27	5.8 MEDIUM	8.1 HIGH
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token.