CVE-2025-12946

< 1.0.17.142

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow att

7.5HIGH

CVE-2021-34983

< 1.0.4.100

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerabili

6.5MEDIUM

CVE-2021-34982

< 1.0.4.100

NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-

8.8HIGH

CVE-2022-27647

< 1.0.10.110

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.

8.0HIGH

CVE-2022-27645

< 1.0.10.110

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers

8.8HIGH

CVE-2022-27642

< 1.0.10.110

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.1

8.8HIGH

CVE-2021-20171

all versions

Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated

5.5MEDIUM

CVE-2021-20170

all versions

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to

8.8HIGH

CVE-2021-20169

all versions

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from

6.8MEDIUM

CVE-2021-20168

all versions

Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access

6.8MEDIUM

CVE-2021-20167

all versions

Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command

8.0HIGH

CVE-2021-20166

all versions

Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of t

8.8HIGH

CVE-2021-45622

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR7

9.6CRITICAL

CVE-2021-45621

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR7

9.6CRITICAL

CVE-2021-45620

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR7

9.6CRITICAL

CVE-2021-45616

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 3.2.18.2, LAX

9.6CRITICAL

CVE-2021-45614

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.74, LA

9.6CRITICAL

CVE-2021-45613

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR7

9.6CRITICAL

CVE-2021-45612

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR7

9.6CRITICAL

CVE-2021-45604

< 1.0.3.96

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.

4.5MEDIUM

CVE-2021-45549

< 1.0.3.96

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 befor

8.4HIGH

CVE-2021-34991

< 1.0.4.100

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2 1.0.4.

8.8HIGH