CVE-2025-28219

all versions

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute ar

9.8CRITICAL

CVE-2021-34983

< 1.0.0.62

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerabili

6.5MEDIUM

CVE-2021-34982

< 1.0.0.62

NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-

8.8HIGH

CVE-2023-38925

all versions

Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the http_passwd para

8.8HIGH

CVE-2022-27643

< 1.0.0.64

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.

8.8HIGH

CVE-2022-24655

all versions

A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, whi

7.8HIGH

CVE-2021-45641

< 1.0.0.42

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 be

4.6MEDIUM

CVE-2021-45640

< 1.0.0.42

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 be

3.9LOW

CVE-2021-45638

< 1.0.0.56

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.

9.6CRITICAL

CVE-2021-45611

< 1.0.0.52

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R64

9.6CRITICAL

CVE-2021-45610

< 1.0.0.52

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.66, D640

9.6CRITICAL

CVE-2021-45527

< 1.0.0.54

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 befo

9.6CRITICAL

CVE-2021-34991

< 1.0.0.62

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.

8.8HIGH

CVE-2021-38534

< 1.0.0.42

Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.

4.1MEDIUM

CVE-2021-38516

< 1.0.0.40

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 be

10.0CRITICAL

CVE-2021-38514

< 1.0.0.42

Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 be

2.4LOW

CVE-2021-27239

< 1.0.0.54

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R670

8.8HIGH

CVE-2020-35800

< 1.0.0.48

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400

9.4CRITICAL

CVE-2020-35796

< 1.0.0.48

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D622

8.8HIGH

CVE-2018-21139

< 1.0.0.40

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0

7.5HIGH

CVE-2019-20730

< 1.0.0.40

Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1

9.8CRITICAL

CVE-2019-17372

all versions

Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi.

8.1HIGH