Netgear Jnr1010 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear Jnr1010 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (33)
CVE-2016-11014 — CVSS 9.8 (critical): NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
CVE-2017-18781 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44…
CVE-2017-18703 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before…
CVE-2017-18734 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18737 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18749 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44…
CVE-2017-18764 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before…
CVE-2017-18782 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JR6150 before 1.0.1.12, JNR1010v2…
CVE-2017-18791 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50…
CVE-2018-21169 — CVSS 8.8 (high): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7000 before 2018-03-01, D7800 before…
CVE-2018-21226 — CVSS 8.8 (high): Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.48, JWNR2010v5 before 1.1.0.48…
CVE-2017-18776 — CVSS 8.4 (high): Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before…
CVE-2017-18787 — CVSS 7.8 (high): Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before…
CVE-2017-18786 — CVSS 7.8 (high): Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before…
CVE-2017-18779 — CVSS 7.8 (high): Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before…
CVE-2018-21139 — CVSS 7.5 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27…
CVE-2018-21168 — CVSS 7.5 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7000 before 1.0.1.52, D7800 before 1.0.1.31…
CVE-2016-11059 — CVSS 7.5 (high): Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before…
CVE-2016-11057 — CVSS 7.5 (high): Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before…
CVE-2017-18788 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2017-18763 — CVSS 6.5 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before…
CVE-2016-11015 — CVSS 6.5 (medium): NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL…
CVE-2017-18783 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18784 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44…
CVE-2017-18780 — CVSS 5.5 (medium): Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before…
CVE-2017-18778 — CVSS 5.5 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.28, D6400 before…
CVE-2019-20738 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50…
CVE-2018-21230 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before…
CVE-2018-21231 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before…
CVE-2018-21209 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by reflected XSS. This affects JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.10, JWNR2010v5 before…
CVE-2017-18785 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before…
CVE-2016-11055 — CVSS 4.3 (medium): Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500…