Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netgear Subscribe
Filtered by product Readynas Surveillance

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18861 1 Netgear 1 Readynas Surveillance 2020-05-05 7.9 HIGH 8.0 HIGH
Certain NETGEAR devices are affected by CSRF. This affects ReadyNAS Surveillance 1.4.3-15-x86 and earlier and ReadyNAS Surveillance 1.1.4-5-ARM and earlier.
CVE-2016-11056 1 Netgear 1 Readynas Surveillance 2020-05-05 9.0 HIGH 8.8 HIGH
Certain NETGEAR devices are affected by anonymous root access. This affects ReadyNAS Surveillance 1.1.1-3-armel and earlier and ReadyNAS Surveillance 1.4.1-3-amd64 and earlier.
CVE-2016-5679 2 Netgear, Nuuo 2 Readynas Surveillance, Nvrmini 2 2017-09-03 9.0 HIGH 8.8 HIGH
cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command.
CVE-2016-5680 2 Netgear, Nuuo 2 Readynas Surveillance, Nvrmini 2 2017-09-03 9.0 HIGH 8.8 HIGH
Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command.
CVE-2016-5676 2 Netgear, Nuuo 3 Readynas Surveillance, Nvrmini 2, Nvrsolo 2017-09-03 5.0 MEDIUM 7.5 HIGH
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to reset the administrator password via a cmd=loaddefconfig action.
CVE-2016-5677 2 Netgear, Nuuo 3 Readynas Surveillance, Nvrmini 2, Nvrsolo 2017-09-03 5.0 MEDIUM 7.5 HIGH
NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request.