cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-45607,https://securityvulnerability.io/vulnerability/CVE-2021-45607,Stack-Based Buffer Overflow Vulnerability in NETGEAR Routers,"Certain NETGEAR devices are susceptible to a stack-based buffer overflow, which can be exploited by authenticated users. This vulnerability affects multiple models, including R6400v2, R6700v3, and R7000 series, among others, prior to their respective firmware updates. Malicious users with authenticated access can take advantage of this flaw to execute unauthorized commands or disrupt device functionality.",Netgear,R6400v2 Firmware,6.8,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2021-12-26T00:37:39.000Z,0
CVE-2021-45643,https://securityvulnerability.io/vulnerability/CVE-2021-45643,Security Misconfiguration in NETGEAR Routers Impacting User Privacy,"Certain NETGEAR devices suffer from security misconfiguration issues that can expose users to potential threats. This vulnerability impacts the R6400v2, R6700v3, and XR1000 models when they are running versions before specified updates. Users are advised to ensure their devices are updated to maintain optimal security and privacy.",Netgear,R6400v2 Firmware,8.2,HIGH,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-12-26T00:30:29.000Z,0
CVE-2021-45649,https://securityvulnerability.io/vulnerability/CVE-2021-45649,Sensitive Information Disclosure in NETGEAR Routers,"Certain NETGEAR routers are susceptible to a vulnerability that allows attackers to gain access to sensitive information. This issue affects specific models including R6400v2, R6700v3, R7000, R6900P, and R7000P if they are running below designated firmware versions. Users are encouraged to upgrade their devices to the latest firmware to mitigate the potential risks associated with this vulnerability.",Netgear,R6400v2 Firmware,7.9,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-12-26T00:29:28.000Z,0
CVE-2021-40847,https://securityvulnerability.io/vulnerability/CVE-2021-40847,Remote Code Execution Vulnerability in NETGEAR Routers via Circle Parental Control Service,"The Circle Parental Control Service on various NETGEAR routers has a vulnerability in its update process that allows remote attackers to execute arbitrary code. This issue arises from the circumvention of security measures, as the update mechanism relies on cleartext HTTP for version checks and database updates. Attackers capable of performing a Man-in-the-Middle (MitM) attack can intercept these requests, supplying malicious payloads disguised as legitimate updates. This exploitation can lead to the overwriting of critical executable files with unauthorized code, significantly compromising device integrity. Although the parental control feature is not enabled by default, the update daemon is on, thereby increasing the susceptibility of these routers to exploitation.",Netgear,R6400v2 Firmware,8.1,HIGH,0.004780000075697899,false,,false,false,false,,,false,false,,2021-09-21T17:04:54.000Z,0
CVE-2020-35798,https://securityvulnerability.io/vulnerability/CVE-2020-35798,,"Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6900P before 1.3.2.124, R7000 before 1.0.11.100, R7000P before 1.3.2.124, R7800 before 1.0.2.74, R7850 before 1.0.5.60, R7900 before 1.0.4.26, R7960P before 1.4.1.50, R8000 before 1.0.4.52, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX15 before 1.0.1.64, RAX20 before 1.0.1.64, RAX200 before 1.0.1.12, RAX45 before 1.0.2.66, RAX50 before 1.0.2.66, RAX75 before 1.0.3.102, RAX80 before 1.0.3.102, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RS400 before 1.5.0.48, and XR300 before 1.0.3.50.",Netgear,R6400v2 Firmware,9.3,CRITICAL,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-12-30T00:15:00.000Z,0
CVE-2020-28373,https://securityvulnerability.io/vulnerability/CVE-2020-28373,,"upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44.",Netgear,R6400v2 Firmware,8.8,HIGH,0.0009699999936856329,false,,false,false,false,,,false,false,,2020-11-09T21:32:28.000Z,0