Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netgear Subscribe
Filtered by product Srs60

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20695 1 Netgear 6 Srk60, Srk60 Firmware, Srr60 and 3 more 2021-07-21 5.0 MEDIUM 7.5 HIGH
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 before 2.3.5.106, SRR60 before 2.3.5.106, and SRS60 before 2.3.5.106.
CVE-2020-11551 1 Netgear 6 Rbs50y, Rbs50y Firmware, Srr60 and 3 more 2021-07-21 5.8 MEDIUM 8.8 HIGH
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi configuration data such as authentication details (e.g., the Web-admin password), network settings, DNS settings, system administration interface configuration, etc.
CVE-2020-14435 1 Netgear 14 Srk60, Srk60 Firmware, Srk60b03 and 11 more 2021-07-21 5.8 MEDIUM 8.8 HIGH
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.2.104, SRS60 before 2.5.2.104, SRR60 before 2.5.2.104, SRK60B03 before 2.5.2.104, SRK60B04 before 2.5.2.104, SRK60B05 before 2.5.2.104, and SRK60B06 before 2.5.2.104.
CVE-2020-26920 1 Netgear 6 Srk60, Srk60 Firmware, Srr60 and 3 more 2020-10-16 5.8 MEDIUM 8.8 HIGH
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.3.110, SRR60 before 2.5.3.110, and SRS60 before 2.5.3.110.
CVE-2020-11549 1 Netgear 6 Rbs50y, Rbs50y Firmware, Srr60 and 3 more 2020-05-20 8.3 HIGH 8.8 HIGH
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting CVE-2020-11551, it is possible to achieve remote code execution with root privileges on the embedded Linux system.