Netgear R6850_firmware
27 CVEs affecting Netgear R6850_firmware. Latest disclosed: 2025-11-11. Critical: 6, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-38516 | Critical | 10.0 | 2021-08-11 | Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before… |
CVE-2021-29068 | Critical | 9.9 | 2021-03-23 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before… |
CVE-2024-30568 | Critical | 9.8 | 2024-04-03 | Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter. |
CVE-2020-35795 | Critical | 9.8 | 2020-12-30 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 b… |
CVE-2021-45501 | Critical | 9.4 | 2021-12-26 | Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before 1.0.1.82, R6020 before… |
CVE-2020-35800 | Critical | 9.4 | 2020-12-30 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 befor… |
CVE-2021-34865 | High | 8.8 | 2022-01-25 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not requ… |
CVE-2020-27866 | High | 8.8 | 2021-02-12 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2… |
CVE-2020-27872 | High | 8.8 | 2021-02-04 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication… |
CVE-2024-30572 | High | 8.0 | 2024-04-03 | Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter. |
CVE-2021-45534 | High | 7.8 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before… |
CVE-2025-12942 | High | 7.5 | 2025-11-11 | Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attac… |
CVE-2024-30571 | High | 7.5 | 2024-04-03 | An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication requir… |
CVE-2024-30569 | High | 7.5 | 2024-04-03 | An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. |
CVE-2021-45644 | Medium | 6.8 | 2021-12-26 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 befor… |
CVE-2021-45511 | Medium | 6.8 | 2021-12-26 | Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000… |
CVE-2020-27867 | Medium | 6.8 | 2021-02-12 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2… |
CVE-2021-45647 | Medium | 6.5 | 2021-12-26 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76… |
CVE-2020-27873 | Medium | 6.5 | 2021-02-04 | This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authe… |
CVE-2020-17409 | Medium | 6.5 | 2020-10-13 | This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020… |