Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netgear Subscribe
Total 1268 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-11060 1 Netgear 8 Fvs318g, Fvs318g Firmware, Fvs318n and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10.
CVE-2016-11059 1 Netgear 86 Ac1450, Ac1450 Firmware, C6300 and 83 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before 2017-01-06, DGND3700v1 before 2017-01-06, DGND3700v2 before 2017-01-06, DGND3700Bv2 before 2017-01-06, JNR1010v1 before 2017-01-06, JNR1010v2 before 2017-01-06, JNR3300 before 2017-01-06, JR6100 before 2017-01-06, JR6150 before 2017-01-06, JWNR2000v5 before 2017-01-06, R2000 before 2017-01-06, R6050 before 2017-01-06, R6100 before 2017-01-06, R6200 before 2017-01-06, R6200v2 before 2017-01-06, R6220 before 2017-01-06, R6250 before 2017-01-06, R6300 before 2017-01-06, R6300v2 before 2017-01-06, R6700 before 2017-01-06, R7000 before 2017-01-06, R7900 before 2017-01-06, R7500 before 2017-01-06, R8000 before 2017-01-06, WGR614v10 before 2017-01-06, WNR1000v2 before 2017-01-06, WNR1000v3 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2000v3 before 2017-01-06, WNR2000v4 before 2017-01-06, WNR2000v5 before 2017-01-06, WNR2200 before 2017-01-06, WNR2500 before 2017-01-06, WNR3500Lv2 before 2017-01-06, WNDR3400v2 before 2017-01-06, WNDR3400v3 before 2017-01-06, WNDR3700v3 before 2017-01-06, WNDR3700v4 before 2017-01-06, WNDR3700v5 before 2017-01-06, WNDR4300 before 2017-01-06, WNDR4300v2 before 2017-01-06, WNDR4500v1 before 2017-01-06, WNDR4500v2 before 2017-01-06, and WNDR4500v3 before 2017-01-06.
CVE-2016-11058 1 Netgear 1 Genie 2024-11-21 5.0 MEDIUM 7.5 HIGH
The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.
CVE-2016-11057 1 Netgear 18 Jnr1010, Jnr1010 Firmware, Jwnr2000 and 15 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5 before 2017-01-06.
CVE-2016-11056 1 Netgear 1 Readynas Surveillance 2024-11-21 9.0 HIGH 8.8 HIGH
Certain NETGEAR devices are affected by anonymous root access. This affects ReadyNAS Surveillance 1.1.1-3-armel and earlier and ReadyNAS Surveillance 1.4.1-3-amd64 and earlier.
CVE-2016-11055 1 Netgear 26 Cm400, Cm400 Firmware, Cm600 and 23 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-11, WNR612v3 before 2017-01-11, N450 before 2017-01-11, and CG3000Dv2 before 2017-01-11.
CVE-2016-11054 1 Netgear 2 Dgn2200, Dgn2200 Firmware 2024-11-21 9.0 HIGH 7.2 HIGH
NETGEAR DGN2200v4 devices before 2017-01-06 are affected by command execution and an FTP insecure root directory.
CVE-2016-11022 1 Netgear 6 Prosafe Wc7520, Prosafe Wc7520 Firmware, Prosafe Wc7600 and 3 more 2024-11-21 6.5 MEDIUM 7.2 HIGH
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login_handler.php.
CVE-2016-11016 1 Netgear 2 Jnr1010, Jnr1010 Firmware 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS.
CVE-2016-11015 1 Netgear 2 Jnr1010, Jnr1010 Firmware 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
CVE-2016-11014 1 Netgear 2 Jnr1010, Jnr1010 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
CVE-2016-10864 1 Netgear 2 Ex7000, Ex7000 Firmware 2024-11-21 2.9 LOW 5.2 MEDIUM
NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.
CVE-2014-3919 1 Netgear 2 Cg3100, Cg3100 Firmware 2024-11-21 4.3 MEDIUM 9.3 CRITICAL
A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspecified page, which could let a malicious user obtain sensitive information.
CVE-2013-4657 1 Netgear 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service.
CVE-2013-3517 1 Netgear 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.
CVE-2013-3516 1 Netgear 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens.
CVE-2013-3317 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.
CVE-2013-3316 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".
CVE-2013-3074 1 Netgear 2 Wndr4700, Wndr4700 Firmware 2024-11-21 7.8 HIGH 7.5 HIGH
NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash).
CVE-2013-3073 1 Netgear 2 Wndr4700, Wndr4700 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.