Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netgear Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 443 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20664 1 Netgear 18 Rbk20, Rbk20 Firmware, Rbk40 and 15 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20665 1 Netgear 18 Rbk20, Rbk20 Firmware, Rbk40 and 15 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20670 1 Netgear 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20666 1 Netgear 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20672 1 Netgear 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20674 1 Netgear 18 Rbk20, Rbk20 Firmware, Rbk40 and 15 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20677 1 Netgear 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20678 1 Netgear 18 Rbk20, Rbk20 Firmware, Rbk40 and 15 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2020-11780 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11779 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11781 1 Netgear 22 D7800, D7800 Firmware, R7500 and 19 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11782 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11783 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11785 1 Netgear 22 D7800, D7800 Firmware, R7500 and 19 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11784 1 Netgear 22 D7800, D7800 Firmware, R7500 and 19 more 2020-04-20 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2019-20639 1 Netgear 6 Rbk50, Rbk50 Firmware, Rbr50 and 3 more 2020-04-17 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
CVE-2019-20766 1 Netgear 2 R7800, R7800 Firmware 2020-04-17 5.2 MEDIUM 6.8 MEDIUM
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
CVE-2019-20765 1 Netgear 2 R7800, R7800 Firmware 2020-04-17 5.2 MEDIUM 6.8 MEDIUM
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
CVE-2019-20764 1 Netgear 2 R7800, R7800 Firmware 2020-04-17 5.2 MEDIUM 6.8 MEDIUM
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
CVE-2019-20763 1 Netgear 2 R7800, R7800 Firmware 2020-04-17 5.2 MEDIUM 6.8 MEDIUM
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
CVE-2020-11775 1 Netgear 34 D7800, D7800 Firmware, R7500 and 31 more 2020-04-17 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11769 1 Netgear 32 D7800, D7800 Firmware, R7500 and 29 more 2020-04-17 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBK50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11768 1 Netgear 34 D7800, D7800 Firmware, R7500 and 31 more 2020-04-17 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2019-20647 1 Netgear 2 Rax40, Rax40 Firmware 2020-04-17 2.7 LOW 5.7 MEDIUM
NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service.
CVE-2019-20645 1 Netgear 2 Rax40, Rax40 Firmware 2020-04-17 3.5 LOW 4.8 MEDIUM
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
CVE-2019-20644 1 Netgear 2 Rax40, Rax40 Firmware 2020-04-17 3.5 LOW 4.8 MEDIUM
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
CVE-2020-11771 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11772 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11773 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11776 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11774 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11777 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by Stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2020-11778 1 Netgear 16 D7800, D7800 Firmware, R7500 and 13 more 2020-04-16 3.5 LOW 4.8 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE-2019-20486 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2020-03-04 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_index.htm) within the web management console are vulnerable to stored XSS, as demonstrated by the configuration of the UI language.
CVE-2019-12512 1 Netgear 2 Nighthawk X10-r9000, Nighthawk X10-r9000 Firmware 2020-02-28 4.3 MEDIUM 6.1 MEDIUM
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanced settings->Administration->Logs, and may trigger when the page is viewed. Although this value is inserted into a textarea tag, the attack simply needs to supply a closing textarea tag.
CVE-2019-12513 1 Netgear 2 Nighthawk X10-r9000, Nighthawk X10-r9000 Firmware 2020-02-28 4.3 MEDIUM 6.1 MEDIUM
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious hostname. This log entry may then be viewed at Advanced settings->Administration->Logs to trigger the exploit. Although this value is inserted into a textarea tag, converted to all-caps, and limited in length, attacks are still possible.
CVE-2012-6341 1 Netgear 4 Wgr614v7, Wgr614v7 Firmware, Wgr614v9 and 1 more 2020-02-12 4.0 MEDIUM 6.5 MEDIUM
An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340.
CVE-2012-6340 1 Netgear 4 Wgr614v7, Wgr614v7 Firmware, Wgr614v9 and 1 more 2020-02-11 2.1 LOW 4.6 MEDIUM
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential used for serial programming, a related issue to CVE-2006-1002.
CVE-2013-3516 1 Netgear 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more 2019-11-18 4.3 MEDIUM 6.5 MEDIUM
NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens.
CVE-2013-3517 1 Netgear 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more 2019-11-15 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.
CVE-2016-10864 1 Netgear 2 Ex7000, Ex7000 Firmware 2019-08-19 2.9 LOW 5.2 MEDIUM
NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.
CVE-2016-10106 1 Netgear 8 Fvs318gv2, Fvs318gv2 Firmware, Fvs318n and 5 more 2017-07-27 4.0 MEDIUM 6.5 MEDIUM
Directory traversal vulnerability in scgi-bin/platform.cgi on NETGEAR FVS336Gv3, FVS318N, FVS318Gv2, and SRX5308 devices with firmware before 4.3.3-8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the thispage parameter, as demonstrated by reading the /etc/shadow file.
CVE-2015-8288 1 Netgear 4 D3600, D3600 Firmware, D6000 and 1 more 2016-06-21 4.3 MEDIUM 5.9 MEDIUM
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.