Netgear Ex8000_firmware
31 CVEs affecting Netgear Ex8000_firmware. Latest disclosed: 2025-12-23. Critical: 7, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-50526 | Critical | 9.8 | 2025-12-23 | Netgear EX8000 V1.0.0.126 was discovered to contain a command injection vulnerability via the switch_status function. |
CVE-2025-45492 | Critical | 9.8 | 2025-05-06 | Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function. |
CVE-2018-21153 | Critical | 9.8 | 2020-04-27 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 bef… |
CVE-2019-20730 | Critical | 9.8 | 2020-04-16 | Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28, D6220 before 1.0.0.40… |
CVE-2021-45619 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.134, EX770… |
CVE-2021-45618 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.64, EX6200v2 before 1.0.1.86, EX6250… |
CVE-2020-35800 | Critical | 9.4 | 2020-12-30 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 befor… |
CVE-2021-34947 | High | 8.8 | 2024-05-07 | NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code o… |
CVE-2022-27641 | High | 8.8 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authenti… |
CVE-2021-27253 | High | 8.8 | 2021-04-14 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is… |
CVE-2021-27252 | High | 8.8 | 2021-04-14 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentica… |
CVE-2021-27251 | High | 8.8 | 2021-04-14 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not requ… |
CVE-2021-27256 | High | 8.8 | 2021-03-05 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although a… |
CVE-2021-27255 | High | 8.8 | 2021-03-05 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is no… |
CVE-2021-27254 | High | 8.8 | 2021-03-05 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exp… |
CVE-2020-27861 | High | 8.8 | 2021-02-12 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi 2.5.1.16 routers. Authentication is no… |
CVE-2020-35799 | High | 8.8 | 2020-12-30 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78… |
CVE-2021-38527 | High | 8.1 | 2021-08-11 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v… |
CVE-2020-35787 | High | 8.0 | 2020-12-30 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1… |
CVE-2021-38525 | Medium | 6.8 | 2021-08-11 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D620… |