Netgear R6700v3 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear R6700v3 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (30)
CVE-2021-45617 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before…
CVE-2023-36187 — CVSS 9.8 (critical): Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary…
CVE-2020-35795 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400…
CVE-2021-45620 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before…
CVE-2021-45527 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before…
CVE-2021-45622 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before…
CVE-2021-45621 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before…
CVE-2021-45612 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before…
CVE-2021-45610 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.66, D6400 before…
CVE-2020-35800 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before…
CVE-2020-35798 — CVSS 9.3 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700v3…
CVE-2021-45650 — CVSS 9.1 (critical): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30…
CVE-2020-35796 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before…
CVE-2021-34991 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400v2…
CVE-2021-45554 — CVSS 8.4 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.74, R6400v2 before…
CVE-2021-45643 — CVSS 8.2 (high): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before…
CVE-2021-40847 — CVSS 8.1 (high): The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code…
CVE-2021-45649 — CVSS 7.9 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84…
CVE-2022-48196 — CVSS 7.4 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before…
CVE-2021-45607 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400v2 before 1.0.4.118…
CVE-2021-34983 — CVSS 6.5 (medium): NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability. This vulnerability allows…
CVE-2021-45608 — CVSS 6.5 (medium): Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated…
CVE-2021-45525 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before…
CVE-2021-45641 — CVSS 4.6 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…
CVE-2026-9210 — CVSS 4.5 (medium): Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network…
CVE-2021-45606 — CVSS 4.5 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6400 before 1.0.1.70, R7000…
CVE-2026-0417 — CVSS 4.5 (medium): Insufficient input validation vulnerability in the listed NETGEAR devices allows authenticated administrators connected to the local…
CVE-2020-26918 — CVSS 4.1 (medium): Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46…
CVE-2021-45640 — CVSS 3.9 (low): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…