Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Xavn2001v2_firmware
(Netgear)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 3 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-02-02 | CVE-2023-23110 | An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verification. This affects WNR612v2 Wireless Routers 1.0.0.3 and earlier, DGN1000v3 Modem Router 1.0.0.22 and earlier, D6100 WiFi DSL Modem Routers 1.0.0.63 and earlier, WNR1000v2 Wireless... | D6100_firmware, Dgn1000v3_firmware, R8900_firmware, R9000_firmware, Wnr1000v2_firmware, Wnr2200_firmware, Wnr2500_firmware, Wnr612v2_firmware, Xavn2001v2_firmware | 7.4 | ||
2023-08-07 | CVE-2023-38922 | Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function. | Jwnr2000v2_firmware, Xavn2001v2_firmware, Xwn5001_firmware | 8.8 | ||
2023-08-07 | CVE-2023-39550 | Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the check_auth function. | Jwnr2000v2_firmware, Xavn2001v2_firmware, Xwn5001_firmware | 8.8 |