Netgear Xr500

120 CVEs affecting Netgear Xr500. Latest disclosed: 2026-06-09. Critical: 5, High: 40.

Top CVEs affecting Netgear Xr500
CVESeverityScorePublishedSummary
CVE-2021-38516Critical10.02021-08-11Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before…
CVE-2021-29068Critical9.92021-03-23Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before 1.0.4.98, R7000 before…
CVE-2020-35795Critical9.82020-12-30Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 b…
CVE-2021-45618Critical9.62021-12-26Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.64, EX6200v2 before 1.0.1.86, EX6250…
CVE-2020-35800Critical9.42020-12-30Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 befor…
CVE-2021-34947High8.82024-05-07NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code o…
CVE-2021-27253High8.82021-04-14This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is…
CVE-2021-27252High8.82021-04-14This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentica…
CVE-2021-27251High8.82021-04-14This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not requ…
CVE-2021-27256High8.82021-03-05This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although a…
CVE-2021-27255High8.82021-03-05This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is no…
CVE-2021-27254High8.82021-03-05This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exp…
CVE-2020-35799High8.82020-12-30Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78…
CVE-2018-21118High8.82020-04-22NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass.
CVE-2018-21117High8.82020-04-22NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler.
CVE-2018-21116High8.82020-04-22NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers.
CVE-2018-21115High8.82020-04-22NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers.
CVE-2019-20685High8.82020-04-16Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75…
CVE-2019-20684High8.82020-04-16Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75…
CVE-2019-20683High8.82020-04-16Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76…