Netgear Wnr1000 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear Wnr1000 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (36)
CVE-2019-20489 — CVSS 9.8 (critical): An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and…
CVE-2019-20488 — CVSS 9.8 (critical): An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are…
CVE-2013-3316 — CVSS 9.8 (critical): Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a…
CVE-2017-18737 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18749 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44…
CVE-2018-21226 — CVSS 8.8 (high): Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.48, JWNR2010v5 before 1.1.0.48…
CVE-2017-18764 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before…
CVE-2018-21169 — CVSS 8.8 (high): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7000 before 2018-03-01, D7800 before…
CVE-2017-18791 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50…
CVE-2017-18781 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44…
CVE-2017-18782 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JR6150 before 1.0.1.12, JNR1010v2…
CVE-2019-20487 — CVSS 8.8 (high): An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4 web management console are vulnerable…
CVE-2017-18703 — CVSS 8.8 (high): Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before…
CVE-2017-18734 — CVSS 8.8 (high): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18776 — CVSS 8.4 (high): Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before…
CVE-2019-17372 — CVSS 8.1 (high): Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The…
CVE-2017-18787 — CVSS 7.8 (high): Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before…
CVE-2017-18779 — CVSS 7.8 (high): Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before…
CVE-2017-18786 — CVSS 7.8 (high): Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before…
CVE-2016-11059 — CVSS 7.5 (high): Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before…
CVE-2018-21139 — CVSS 7.5 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27…
CVE-2018-21168 — CVSS 7.5 (high): Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7000 before 1.0.1.52, D7800 before 1.0.1.31…
CVE-2016-11057 — CVSS 7.5 (high): Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before…
CVE-2017-18788 — CVSS 6.7 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before…
CVE-2017-18763 — CVSS 6.5 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before…
CVE-2019-20486 — CVSS 6.1 (medium): An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_index.htm) within the web management…
CVE-2017-18783 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150…
CVE-2017-18784 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44…
CVE-2017-18780 — CVSS 5.5 (medium): Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before…
CVE-2017-18778 — CVSS 5.5 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.28, D6400 before…
CVE-2019-20738 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.34, JNR1010v2 before 1.1.0.50…
CVE-2018-21230 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before…
CVE-2018-21231 — CVSS 5.4 (medium): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before…
CVE-2018-21209 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by reflected XSS. This affects JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.10, JWNR2010v5 before…
CVE-2017-18785 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before…