Product:

R7000_firmware

(Netgear)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 131
Date Id Summary Products Score Patch Annotated
2021-12-26 CVE-2021-45649 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126. R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware 5.5
2021-12-26 CVE-2021-45650 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126. R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R8000_firmware, Rs400_firmware 7.5
2021-12-26 CVE-2021-45662 NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS. R7000_firmware 5.4
2021-12-26 CVE-2021-45663 NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. R7000_firmware 5.4
2021-12-26 CVE-2021-45664 NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. R7000_firmware 4.8
2021-12-26 CVE-2021-45670 Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800... Cbr40_firmware, Eax20_firmware, Eax80_firmware, Ex3700_firmware, Ex3800_firmware, Ex6120_firmware, Ex6130_firmware, Ex7500_firmware, Mr60_firmware, Ms60_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R8000_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax45_firmware, Rax50_firmware, Rax75_firmware, Rax80_firmware, Rbk752_firmware, Rbk852_firmware, Rbr750_firmware, Rbr850_firmware, Rbs40v_firmware, Rbs750_firmware, Rbs850_firmware, Rbw30_firmware 4.8
2021-12-26 CVE-2021-45673 Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106. R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R8000_firmware, Rax200_firmware, Rax75_firmware, Rax80_firmware 5.4
2021-12-26 CVE-2021-45674 Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. R7000_firmware, R7900_firmware, R8000_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax75_firmware, Rax80_firmware 4.8
2021-12-26 CVE-2021-45679 Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, and RS400 before 1.5.1.80. R6900p_firmware, R7000_firmware, R7000p_firmware, Rs400_firmware 7.2
2022-01-13 CVE-2021-34977 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. R7000_firmware 8.8