Note:
This project will be discontinued after December 13, 2021. [more]
Product:
R7000_firmware
(Netgear)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 131 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-12-26 | CVE-2021-45649 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R7000 before 1.0.11.126, R6900P before 1.3.2.126, and R7000P before 1.3.2.126. | R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware | 5.5 | ||
2021-12-26 | CVE-2021-45650 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before 1.3.2.126. | R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R8000_firmware, Rs400_firmware | 7.5 | ||
2021-12-26 | CVE-2021-45662 | NETGEAR R7000 devices before 1.0.9.88 are affected by stored XSS. | R7000_firmware | 5.4 | ||
2021-12-26 | CVE-2021-45663 | NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. | R7000_firmware | 5.4 | ||
2021-12-26 | CVE-2021-45664 | NETGEAR R7000 devices before 1.0.11.126 are affected by stored XSS. | R7000_firmware | 4.8 | ||
2021-12-26 | CVE-2021-45670 | Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7000 before 1.0.11.116, R7900 before 1.0.4.38, R8000 before 1.0.4.68, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1.4, EX3700 before 1.0.0.90, MR60 before 1.0.6.110, R7000P before 1.3.2.126, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX80 before 1.0.3.106, EX3800... | Cbr40_firmware, Eax20_firmware, Eax80_firmware, Ex3700_firmware, Ex3800_firmware, Ex6120_firmware, Ex6130_firmware, Ex7500_firmware, Mr60_firmware, Ms60_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R8000_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax45_firmware, Rax50_firmware, Rax75_firmware, Rax80_firmware, Rbk752_firmware, Rbk852_firmware, Rbr750_firmware, Rbr850_firmware, Rbs40v_firmware, Rbs750_firmware, Rbs850_firmware, Rbw30_firmware | 4.8 | ||
2021-12-26 | CVE-2021-45673 | Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, R7000P before 1.3.3.140, RAX80 before 1.0.3.106, R6900P before 1.3.3.140, and RAX75 before 1.0.3.106. | R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R8000_firmware, Rax200_firmware, Rax75_firmware, Rax80_firmware | 5.4 | ||
2021-12-26 | CVE-2021-45674 | Certain NETGEAR devices are affected by stored XSS. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX200 before 1.0.3.106, RAX75 before 1.0.3.106, and RAX80 before 1.0.3.106. | R7000_firmware, R7900_firmware, R8000_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax75_firmware, Rax80_firmware | 4.8 | ||
2021-12-26 | CVE-2021-45679 | Certain NETGEAR devices are affected by privilege escalation. This affects R6900P before 1.3.3.140, R7000 before 1.0.11.126, R7000P before 1.3.3.140, and RS400 before 1.5.1.80. | R6900p_firmware, R7000_firmware, R7000p_firmware, Rs400_firmware | 7.2 | ||
2022-01-13 | CVE-2021-34977 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7000 1.0.11.116_10.2.100 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP requests. The issue results from the lack of proper authentication verification before performing a password reset. An attacker can leverage this vulnerability to reset the admin password. Was ZDI-CAN-13483. | R7000_firmware | 8.8 |