Netgear R6230_firmware
32 CVEs affecting Netgear R6230_firmware. Latest disclosed: 2026-01-28. Critical: 6, High: 15.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-38516 | Critical | 10.0 | 2021-08-11 | Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before… |
CVE-2021-29068 | Critical | 9.9 | 2021-03-23 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before… |
CVE-2020-35795 | Critical | 9.8 | 2020-12-30 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 b… |
CVE-2021-45501 | Critical | 9.4 | 2021-12-26 | Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before 1.0.1.82, R6020 before… |
CVE-2020-35800 | Critical | 9.4 | 2020-12-30 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 befor… |
CVE-2020-26908 | Critical | 9.4 | 2020-10-09 | Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before… |
CVE-2022-27641 | High | 8.8 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authenti… |
CVE-2021-34865 | High | 8.8 | 2022-01-25 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not requ… |
CVE-2020-27866 | High | 8.8 | 2021-02-12 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2… |
CVE-2020-27872 | High | 8.8 | 2021-02-04 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication… |
CVE-2020-35799 | High | 8.8 | 2020-12-30 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78… |
CVE-2019-20656 | High | 8.8 | 2020-04-15 | Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before… |
CVE-2020-11788 | High | 8.8 | 2020-04-15 | Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, PR2000 before 1.0.0.28, R6050 before… |
CVE-2019-20657 | High | 8.0 | 2020-04-15 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1… |
CVE-2021-45534 | High | 7.8 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before… |
CVE-2022-40620 | High | 7.7 | 2026-01-28 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update pack… |
CVE-2022-40619 | High | 7.7 | 2026-01-28 | FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This… |
CVE-2021-45551 | High | 7.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1… |
CVE-2020-26929 | High | 7.3 | 2020-10-09 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6220 before 1.1.0.100 and R6230 before 1.1.0.100. |
CVE-2021-45657 | High | 7.1 | 2021-12-26 | Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before… |