Netgear D6000 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear D6000 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (68)
CVE-2018-21137 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by a hardcoded password. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76.
CVE-2019-20730 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28…
CVE-2020-35800 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before…
CVE-2019-20683 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2017-18762 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D3600 before 1.0.0.68, D6000 before…
CVE-2020-35799 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2018-21217 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21218 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21219 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21220 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21221 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21222 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21223 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21224 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2019-20640 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2019-20682 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2019-20684 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75…
CVE-2019-20685 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75…
CVE-2019-20691 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, EX3700 before 1.0.0.70, EX3800…
CVE-2018-21138 — CVSS 8.8 (high): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.76 and D6000 before…
CVE-2018-21207 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67…
CVE-2018-21210 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21211 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21212 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21213 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21214 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21215 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2018-21216 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2019-20709 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20703 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20704 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2020-35787 — CVSS 8.0 (high): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20711 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20705 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20710 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20701 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20702 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20708 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2015-8289 — CVSS 7.5 (high): The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows…
CVE-2016-11059 — CVSS 7.5 (high): Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before…
CVE-2019-20767 — CVSS 7.2 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, D3600…
CVE-2019-20725 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000…
CVE-2018-21111 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000…
CVE-2019-20688 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before…
CVE-2019-20689 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6000 before 1.0.0.75, D6100 before…
CVE-2019-20723 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000…
CVE-2019-20724 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before…
CVE-2019-20726 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before…
CVE-2019-20735 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000…
CVE-2019-20736 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100…
CVE-2021-38525 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000…
CVE-2017-18788 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2021-45550 — CVSS 6.6 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2019-20717 — CVSS 6.5 (medium): Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before…
CVE-2018-21140 — CVSS 6.5 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.76 and D6000 before…
CVE-2017-18740 — CVSS 6.3 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.61, D6000 before…
CVE-2015-8288 — CVSS 5.9 (medium): NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across…
CVE-2019-20752 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200…
CVE-2019-20746 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by reflected XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44…
CVE-2017-18785 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before…
CVE-2019-20714 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, DM200…
CVE-2019-20715 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.63, D7800…
CVE-2019-20720 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D7800 before 1.0.1.47…
CVE-2018-21136 — CVSS 4.6 (medium): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76.
CVE-2021-45641 — CVSS 4.6 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…
CVE-2021-38534 — CVSS 4.1 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200…
CVE-2021-45640 — CVSS 3.9 (low): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…
CVE-2021-38514 — CVSS 2.4 (low): Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before…