Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wndr4000_firmware
(Netgear)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 3 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-01-17 | CVE-2017-5521 | An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices. They are prone to password disclosure via simple crafted requests to the web management server. The bug is exploitable remotely if the remote management option is set, and can also be exploited given access to the router over LAN or WLAN. When trying to access the web panel, a user is asked to authenticate; if the authentication is canceled... | Ac1450_firmware, D6220_firmware, D6300_firmware, D6300b_firmware, D6400_firmware, Dgn2200bv4_firmware, R6200_firmware, R6300_firmware, Vegn2610_firmware, Wndr3700v3_firmware, Wndr4000_firmware, Wndr4500_firmware, Wnr1000v3_firmware | 8.1 | ||
2020-04-22 | CVE-2017-18756 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.66, D8500 before 1.0.3.35, DGN2200Bv4 before 1.0.0.94, DGN2200v4 before 1.0.0.94, R6250 before 1.0.4.14, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.30, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7900 before 1.0.2.4, R8000 before... | D6220_firmware, D6400_firmware, D8500_firmware, Dgn2200_firmware, Dgn2200b_firmware, R6250_firmware, R6300_firmware, R6400_firmware, R6700_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7900_firmware, R8000_firmware, Wn2500rp_firmware, Wndr3400_firmware, Wndr4000_firmware | N/A | ||
2019-10-09 | CVE-2019-17372 | Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000,... | Ac1450_firmware, D8500_firmware, Dc112a_firmware, Jndr3000_firmware, Lg2200d_firmware, R4500_firmware, R6200_firmware, R6200v2_firmware, R6250_firmware, R6300_firmware, R6300v2_firmware, R6400_firmware, R6700_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300_firmware, R7900_firmware, R8000_firmware, R8300_firmware, R8500_firmware, Wgr614v10_firmware, Wn2500rpv2_firmware, Wndr3400v2_firmware, Wndr3700v3_firmware, Wndr4000_firmware, Wndr4500_firmware, Wndr4500v2_firmware, Wnr1000_firmware, Wnr1000v3_firmware, Wnr3500l_firmware | N/A |