Netgear Xr300
57 CVEs affecting Netgear Xr300. Latest disclosed: 2026-01-28. Critical: 16, High: 15.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-29068 | Critical | 9.9 | 2021-03-23 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before… |
CVE-2021-45617 | Critical | 9.8 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 befo… |
CVE-2020-35795 | Critical | 9.8 | 2020-12-30 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 b… |
CVE-2021-45625 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R690… |
CVE-2021-45624 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R7000 be… |
CVE-2021-45622 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 befo… |
CVE-2021-45621 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 bef… |
CVE-2021-45620 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 befo… |
CVE-2021-45612 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 befo… |
CVE-2021-45611 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R6400 before 1.0.1.68, RAX200 be… |
CVE-2021-45610 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.66, D6400 before 1.0.0.100, D7000v2 b… |
CVE-2021-45609 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6250 before 1.0.4.48, R7000 befo… |
CVE-2021-45527 | Critical | 9.6 | 2021-12-26 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before… |
CVE-2021-38528 | Critical | 9.6 | 2021-08-11 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6900P before 1.3.2.132, R7000P b… |
CVE-2020-35800 | Critical | 9.4 | 2020-12-30 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 befor… |
CVE-2020-35798 | Critical | 9.3 | 2020-12-30 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P… |
CVE-2021-34982 | High | 8.8 | 2024-05-07 | NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute… |
CVE-2023-36499 | High | 8.8 | 2023-08-07 | Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi. |
CVE-2022-27643 | High | 8.8 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authenti… |
CVE-2021-34991 | High | 8.8 | 2021-11-15 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.106_10.0.80 routers. Authenti… |