Netgear Rax35 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear Rax35 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2020-35800 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before…
CVE-2022-27645 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers…
CVE-2022-27642 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3…
CVE-2021-45549 — CVSS 8.4 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before…
CVE-2022-27647 — CVSS 8.0 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3…
CVE-2021-45493 — CVSS 7.6 (high): Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before…
CVE-2022-48196 — CVSS 7.4 (high): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before…
CVE-2021-41449 — CVSS 7.1 (high): A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated…
CVE-2026-0420 — CVSS 5.9 (medium): An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an…
CVE-2021-45604 — CVSS 4.5 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects CBR750 before 3.2.18.2, D6220…
CVE-2021-38536 — CVSS 4.3 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48…
CVE-2021-38535 — CVSS 4.3 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48…
CVE-2021-38526 — CVSS 4.3 (medium): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX35 before 1.0.3.94, RAX38 before…