Netgear D7000 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear D7000 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (92)
CVE-2021-38516 — CVSS 10.0 (critical): Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before…
CVE-2018-21134 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48…
CVE-2019-20730 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 before 1.0.0.68, D6200 before 1.1.00.28…
CVE-2020-26927 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before…
CVE-2020-26908 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before…
CVE-2021-45501 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before…
CVE-2021-27239 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700…
CVE-2017-18703 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before…
CVE-2017-18764 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before…
CVE-2017-18781 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44…
CVE-2017-18782 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JR6150 before 1.0.1.12, JNR1010v2…
CVE-2017-18791 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50…
CVE-2018-21169 — CVSS 8.8 (high): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7000 before 2018-03-01, D7800 before…
CVE-2019-20640 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2019-20656 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before…
CVE-2019-20681 — CVSS 8.8 (high): Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, JR6150 before…
CVE-2019-20682 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2019-20683 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2019-20684 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75…
CVE-2019-20685 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75…
CVE-2019-20686 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.36, D7000 before…
CVE-2019-20690 — CVSS 8.8 (high): Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.30, D7000 before 1.0.1.66, R6020 before…
CVE-2019-20753 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before…
CVE-2020-11770 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before…
CVE-2020-11788 — CVSS 8.8 (high): Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, PR2000 before…
CVE-2020-35799 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2021-45512 — CVSS 8.6 (high): Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before…
CVE-2017-18776 — CVSS 8.4 (high): Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before…
CVE-2020-26911 — CVSS 8.3 (high): Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6200 before 1.1.00.38, D7000 before…
CVE-2019-20680 — CVSS 8.0 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000v2 before 1.0.0.53, R6220 before…
CVE-2019-20657 — CVSS 8.0 (high): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6200 before 1.1.00.36, D7000 before…
CVE-2020-35787 — CVSS 8.0 (high): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before…
CVE-2017-18779 — CVSS 7.8 (high): Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before…
CVE-2021-45534 — CVSS 7.8 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2100 before 1.2.0.88, AC2400 before…
CVE-2017-18843 — CVSS 7.8 (high): Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before…
CVE-2017-18844 — CVSS 7.8 (high): Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before…
CVE-2021-45551 — CVSS 7.6 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6200 before 1.1.00.40, D7000 before…
CVE-2019-20687 — CVSS 7.5 (high): Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.70, JR6150 before…
CVE-2018-21168 — CVSS 7.5 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7000 before 1.0.1.52, D7800 before 1.0.1.31…
CVE-2018-21139 — CVSS 7.5 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27…
CVE-2020-26912 — CVSS 7.5 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JR6150 before 1.0.1.24, R6020…
CVE-2018-21156 — CVSS 7.2 (high): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before…
CVE-2021-45656 — CVSS 7.1 (high): Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before…
CVE-2021-45657 — CVSS 7.1 (high): Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before…
CVE-2020-35842 — CVSS 6.9 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62…
CVE-2020-35841 — CVSS 6.9 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62…
CVE-2020-35840 — CVSS 6.9 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62…
CVE-2019-20754 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before…
CVE-2021-45511 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600…
CVE-2019-20712 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before…
CVE-2019-20718 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before…
CVE-2019-20719 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before…
CVE-2019-20755 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400…
CVE-2021-38525 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000…
CVE-2018-21225 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000 before 1.0.1.60, D7800 before…
CVE-2017-18801 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.50, R6700v2 before 1.1.0.38, R6800 before…
CVE-2017-18788 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2020-26914 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6200 before 1.1.00.38, D7000 before…
CVE-2019-20737 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44…
CVE-2019-20728 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before…
CVE-2019-20700 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44…
CVE-2019-20732 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before…
CVE-2019-20692 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44…
CVE-2017-18841 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.46, R6700v2 before 1.1.0.38, R6800 before…
CVE-2019-20731 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.40, D6400 before…
CVE-2019-20733 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44…
CVE-2017-18798 — CVSS 6.2 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6700v2 before 1.1.0.38, R6800 before…
CVE-2017-18783 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18784 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44…
CVE-2017-18700 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29…
CVE-2017-18778 — CVSS 5.5 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.28, D6400 before…
CVE-2017-18780 — CVSS 5.5 (medium): Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before…
CVE-2018-21231 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before…
CVE-2018-21230 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before…
CVE-2021-45636 — CVSS 5.4 (medium): NETGEAR D7000 devices before 1.0.1.82 are affected by a stack-based buffer overflow by an unauthenticated attacker.
CVE-2020-26916 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.38, D7000 before…
CVE-2017-18785 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before…
CVE-2021-38531 — CVSS 4.7 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6200 before 1.1.00.40, D7000 before…
CVE-2017-18769 — CVSS 4.6 (medium): Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before…
CVE-2021-45641 — CVSS 4.6 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…
CVE-2020-35803 — CVSS 4.4 (medium): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78…
CVE-2021-38535 — CVSS 4.3 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48…
CVE-2021-38536 — CVSS 4.3 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48…
CVE-2021-45672 — CVSS 4.2 (medium): Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48…
CVE-2021-38537 — CVSS 4.2 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48…
CVE-2021-38534 — CVSS 4.1 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200…
CVE-2021-45640 — CVSS 3.9 (low): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…
CVE-2021-38514 — CVSS 2.4 (low): Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before…