Netgear Wnr1000_firmware
36 CVEs affecting Netgear Wnr1000_firmware. Latest disclosed: 2020-04-28. Critical: 4, High: 20.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-20489 | Critical | 9.8 | 2020-03-02 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and other problems that ul… |
CVE-2019-20488 | Critical | 9.8 | 2020-03-02 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are vulnerable to command injec… |
CVE-2013-3317 | Critical | 9.8 | 2020-01-29 | Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. |
CVE-2013-3316 | Critical | 9.8 | 2020-01-29 | Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". |
CVE-2018-21226 | High | 8.8 | 2020-04-28 | Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.48, JWNR2010v5 before 1.1.0.48, WNR1000v4 before 1.1.0.48, W… |
CVE-2018-21169 | High | 8.8 | 2020-04-27 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7000 before 2018-03-01, D7800 before 1.0.1.31, D8500 before… |
CVE-2017-18703 | High | 8.8 | 2020-04-24 | Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 bef… |
CVE-2017-18737 | High | 8.8 | 2020-04-23 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2… |
CVE-2017-18734 | High | 8.8 | 2020-04-23 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2… |
CVE-2017-18749 | High | 8.8 | 2020-04-23 | Certain NETGEAR devices are affected by CSRF. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, R6050 before 1.0.1.10… |
CVE-2017-18764 | High | 8.8 | 2020-04-22 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 befo… |
CVE-2017-18782 | High | 8.8 | 2020-04-22 | Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JR6150 before 1.0.1.12, JNR1010v2 before 1.1.0.44, JW… |
CVE-2017-18781 | High | 8.8 | 2020-04-22 | Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44… |
CVE-2017-18791 | High | 8.8 | 2020-04-21 | Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50, WNDR3700v5 before 1.1.0… |
CVE-2019-20487 | High | 8.8 | 2020-03-02 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4 web management console are vulnerable to an unauthenticate… |
CVE-2017-18776 | High | 8.4 | 2020-04-22 | Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before V1.0.1.24, JNR1010v2 b… |
CVE-2019-17372 | High | 8.1 | 2019-10-09 | Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for ex… |
CVE-2017-18787 | High | 7.8 | 2020-04-22 | Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 b… |
CVE-2017-18786 | High | 7.8 | 2020-04-22 | Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 b… |
CVE-2017-18779 | High | 7.8 | 2020-04-22 | Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before… |