Netgear Xr450 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Netgear Xr450 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2021-38516 — CVSS 10.0 (critical): Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before…
CVE-2021-29068 — CVSS 9.9 (critical): Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6700v3 before 1.0.4.98, R6400v2 before…
CVE-2020-35795 — CVSS 9.8 (critical): Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400…
CVE-2021-45618 — CVSS 9.6 (critical): Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.64, EX6200v2…
CVE-2020-35800 — CVSS 9.4 (critical): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before…
CVE-2021-27255 — CVSS 8.8 (high): This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76…
CVE-2021-27256 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version…
CVE-2021-27254 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is…
CVE-2020-35799 — CVSS 8.8 (high): Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76…
CVE-2021-27251 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800…
CVE-2021-27252 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version…
CVE-2021-27253 — CVSS 8.8 (high): This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800…
CVE-2026-9212 — CVSS 8.0 (high): Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute…
CVE-2021-45642 — CVSS 7.5 (high): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.64, EX6250 before…
CVE-2021-29069 — CVSS 7.3 (high): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before…
CVE-2020-26913 — CVSS 6.8 (medium): Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800…
CVE-2021-27257 — CVSS 6.5 (medium): This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of…
CVE-2021-45603 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be…
CVE-2021-45602 — CVSS 6.1 (medium): Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before…
CVE-2019-20721 — CVSS 4.8 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76…
CVE-2021-38534 — CVSS 4.1 (medium): Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200…
CVE-2021-45640 — CVSS 3.9 (low): Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before…