Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dgn2200_firmware
(Netgear)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 36 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-04-20 | CVE-2017-18842 | Certain NETGEAR devices are affected by CSRF. This affects R7300 before 1.0.0.54, R8500 before 1.0.2.94, DGN2200v1 before 1.0.0.55, and D2200D/D2200DW-1FRNAS before 1.0.0.32. | D2200d_firmware, D2200dw\-1frnas_firmware, Dgn2200_firmware, R7300_firmware, R8500_firmware | N/A | ||
2020-04-22 | CVE-2017-18785 | Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700 before 1.0.1.28, EX6100v2 before 1.0.1.54, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.52, EX6400 before 1.0.1.72, EX7300 before 1.0.1.72,... | D3600_firmware, D6000_firmware, D6100_firmware, D6200_firmware, D6220_firmware, D6400_firmware, D7000_firmware, D7800_firmware, D8500_firmware, Dgn2200_firmware, Dgn2200b_firmware, Ex2700_firmware, Ex6100_firmware, Ex6150_firmware, Ex6200_firmware, Ex6400_firmware, Ex7300_firmware, Ex8000_firmware, Jnr1010_firmware, Jwnr2010_firmware, Pr2000_firmware, R6020_firmware, R6080_firmware, R6100_firmware, R6250_firmware, R6300_firmware, R6400_firmware, R6700_firmware, R6800_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300dst_firmware, R7500_firmware, R7800_firmware, R7900_firmware, R7900p_firmware, R8000_firmware, R8000p_firmware, R8300_firmware, R8500_firmware, R9000_firmware, Wn2000rpt_firmware, Wn3000rp_firmware, Wn3100rp_firmware, Wndr3400_firmware, Wndr3700_firmware, Wndr4300_firmware, Wndr4500_firmware, Wnr1000_firmware, Wnr2000_firmware, Wnr2020_firmware, Wnr2050_firmware, Wnr3500l_firmware | N/A | ||
2020-04-22 | CVE-2017-18769 | Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 before 1.0.1.10J, R6100 before 1.0.1.16, R6150 before 1.0.1.10, R6220 before 1.1.0.50, R6250 before 1.0.4.12, R6300v2 before 1.0.4.12, R6400... | D6220_firmware, D6400_firmware, D7000_firmware, D7800_firmware, D8500_firmware, Dgn2200_firmware, Dgn2200b_firmware, Ex6200_firmware, Ex7000_firmware, Jr6150_firmware, R6050_firmware, R6100_firmware, R6150_firmware, R6220_firmware, R6250_firmware, R6300_firmware, R6400_firmware, R6700_firmware, R6800_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300_firmware, R7500_firmware, R7800_firmware, R7900_firmware, R8000_firmware, R8300_firmware, R8500_firmware, R9000_firmware, Wndr3400_firmware, Wndr3700_firmware, Wndr4300_firmware, Wndr4500_firmware, Wnr3500l_firmware | N/A | ||
2020-04-16 | CVE-2019-20740 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R7300 before 1.0.0.70, R8300 before 1.0.2.130, and R8500 before 1.0.2.130. | Dgn2200_firmware, Dgnd2200b_firmware, R7300_firmware, R8300_firmware, R8500_firmware | N/A | ||
2020-04-16 | CVE-2019-20732 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24,... | D6220_firmware, D7000_firmware, D8500_firmware, Dgn2200_firmware, Dgnd2200b_firmware, Ex3700_firmware, Ex3800_firmware, Ex6000_firmware, Ex6100_firmware, Ex6120_firmware, Ex6130_firmware, Ex6150_firmware, Ex6200_firmware, Ex7000_firmware, R6250_firmware, R6300_firmware, R6400_firmware, R6700_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300dst_firmware, R7900_firmware, R7900p_firmware, R8000_firmware, R8000p_firmware, R8300_firmware, R8500_firmware, Wn2500rp_firmware, Wndr3400_firmware, Wnr3500l_firmware | N/A | ||
2020-04-16 | CVE-2019-20728 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBW30 before 2.1.2.6, R6250 before 1.0.4.26, R6300v2 before 1.0.4.24, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700... | D6400_firmware, D7000_firmware, D7800_firmware, D8500_firmware, Dgn2200_firmware, Dgnd2200b_firmware, Dm200_firmware, Jndr3000_firmware, R6250_firmware, R6300_firmware, R6400_firmware, R6700_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300dst_firmware, R7500_firmware, R7800_firmware, R7900_firmware, R7900p_firmware, R8000_firmware, R8000p_firmware, R8300_firmware, R8500_firmware, R8900_firmware, R9000_firmware, Rbk50_firmware, Rbr50_firmware, Rbs50_firmware, Rbw30_firmware, Wndr3400_firmware, Wndr3700_firmware, Wndr4300_firmware, Wndr4500_firmware, Wnr2000_firmware, Wnr3500l_firmware | N/A | ||
2020-04-16 | CVE-2019-20716 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v4 before 1.0.0.110 and DGND2200Bv4 before 1.0.0.109. | Dgn2200_firmware, Dgnd2200b_firmware | N/A | ||
2019-10-09 | CVE-2019-17373 | Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2. | Dgn2200_firmware, Dgn2200m_firmware, Dgnd3700_firmware, Mbr1515_firmware, Mbr1516_firmware, Wndr3300_firmware, Wndr3400_firmware, Wnr2000v2_firmware, Wnr3500_firmware, Wnr834bv2_firmware | N/A | ||
2018-07-24 | CVE-2016-5649 | A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access to the targeted router's web interface. | Dgn2200_firmware, Dgnd3700_firmware | 9.8 | ||
2017-03-15 | CVE-2017-6366 | Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely. | Dgn2200_firmware | 8.8 |