| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-45890 | Cri | 0.00 | 9.8 | 0.02 | Dec 27, 2021 | basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identifier. | ||
| CVE-2021-4161 | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server. | ||
| CVE-2021-43857 | Cri | 0.00 | 9.8 | 0.55 | Dec 27, 2021 | Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. | ||
| CVE-2021-45232 | Cri | 0.71 | 9.8 | 0.86 | Dec 27, 2021 | In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of… | ||
| CVE-2021-45709 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur. | |
| CVE-2021-45707 | — | Cri | 0.64 | 9.8 | 0.02 | Dec 27, 2021 | An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups. | |
| CVE-2021-45706 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the zeroize_derive crate before 1.1.1 for Rust. Dropped memory is not zeroed out for an enum. | |
| CVE-2021-45705 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer. | |
| CVE-2021-45703 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser::::process may read from uninitialized memory locations. | |
| CVE-2021-45701 | — | Cri | 0.00 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free. | |
| CVE-2021-45698 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the ckb crate before 0.40.0 for Rust. A get_block_template RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction. | |
| CVE-2021-45697 | — | Cri | 0.00 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the molecule crate before 0.7.2 for Rust. A FixVec partial read has an incorrect result. | |
| CVE-2021-45696 | — | Cri | 0.00 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust. Hashes of long messages may be incorrect when the AVX2-accelerated backend is used. | |
| CVE-2021-45695 | — | Cri | 0.64 | 9.8 | 0.02 | Dec 27, 2021 | An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass. | |
| CVE-2021-45693 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string_primitive may read from uninitialized memory locations. | |
| CVE-2021-45692 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_extension_others may read from uninitialized memory locations. | |
| CVE-2021-45691 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string may read from uninitialized memory locations. | |
| CVE-2021-45690 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary may read from uninitialized memory locations. | |
| CVE-2021-45689 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv may read from uninitialized memory locations. | |
| CVE-2021-45688 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninitialized memory locations. | |
| CVE-2021-45687 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic. | |
| CVE-2021-45686 | — | Cri | 0.00 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations. | |
| CVE-2021-45685 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typed_vec may read from uninitialized memory locations. | |
| CVE-2021-45684 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the flumedb crate through 2021-01-07 for Rust. read_entry may read from uninitialized memory locations. | |
| CVE-2021-45683 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the binjs_io crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations. | |
| CVE-2021-45682 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may read from uninitialized memory locations. | |
| CVE-2020-36514 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations. | |
| CVE-2020-36513 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations. | |
| CVE-2020-36512 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations. | |
| CVE-2018-25026 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. | |
| CVE-2018-25025 | — | Cri | 0.64 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption. | |
| CVE-2018-25024 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. | |
| CVE-2021-45678 | Cri | 0.64 | 9.8 | 0.01 | Dec 26, 2021 | NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code. | ||
| CVE-2021-45654 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information. | ||
| CVE-2021-45652 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10. | ||
| CVE-2021-45650 | Cri | 0.59 | 9.1 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before… | ||
| CVE-2021-45638 | Cri | 0.63 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before… | ||
| CVE-2021-45635 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||
| CVE-2021-45634 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||
| CVE-2021-45633 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. | ||
| CVE-2021-45632 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||
| CVE-2021-45631 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and… | ||
| CVE-2021-45630 | Cri | 0.65 | 10.0 | 0.02 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and… | ||
| CVE-2021-45629 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||
| CVE-2021-45628 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12,… | ||
| CVE-2021-45627 | Cri | 0.63 | 9.6 | 0.02 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | ||
| CVE-2021-45626 | Cri | 0.62 | 9.6 | 0.01 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK20 before 2.6.1.36, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before… | ||
| CVE-2021-45625 | Cri | 0.63 | 9.6 | 0.02 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140. | ||
| CVE-2021-45624 | Cri | 0.63 | 9.6 | 0.02 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R8000 before 1.0.4.62, XR300 before 1.0.3.56, R7000P… | ||
| CVE-2021-45622 | Cri | 0.63 | 9.6 | 0.02 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before… |
- risk 0.00cvss 9.8epss 0.02
basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identifier.
- risk 0.64cvss 9.8epss 0.01
The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server.
- risk 0.00cvss 9.8epss 0.55
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.
- risk 0.71cvss 9.8epss 0.86
In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the zeroize_derive crate before 1.1.1 for Rust. Dropped memory is not zeroed out for an enum.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser::::process may read from uninitialized memory locations.
- risk 0.00cvss 9.8epss 0.01
An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the ckb crate before 0.40.0 for Rust. A get_block_template RPC call may fail in situations where it is supposed to select a Nervos CKB blockchain transaction with a higher fee rate than another transaction.
- risk 0.00cvss 9.8epss 0.01
An issue was discovered in the molecule crate before 0.7.2 for Rust. A FixVec partial read has an incorrect result.
- risk 0.00cvss 9.8epss 0.01
An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 for Rust. Hashes of long messages may be incorrect when the AVX2-accelerated backend is used.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string_primitive may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_extension_others may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_string may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserialize_binary may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfx_auxil::read_spirv may read from uninitialized memory locations.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the ash crate before 0.33.1 for Rust. util::read_spv may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
- risk 0.00cvss 9.8epss 0.01
An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::read_typed_vec may read from uninitialized memory locations.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the flumedb crate through 2021-01-07 for Rust. read_entry may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the binjs_io crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::read_exact may read from uninitialized memory locations.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
- risk 0.64cvss 9.8epss 0.01
NETGEAR RAX200 devices before 1.0.5.132 are affected by insecure code.
- risk 0.62cvss 9.6epss 0.01
NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK352 before 4.4.0.10, RBR350 before 4.4.0.10, and RBS350 before 4.4.0.10.
- risk 0.59cvss 9.1epss 0.01
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R7000 before 1.0.11.110, R7900 before 1.0.4.30, R8000 before 1.0.4.62, RS400 before 1.5.1.80, R6400v2 before 1.0.4.102, R7000P before 1.3.2.126, R6700v3 before 1.0.4.102, and R6900P before…
- risk 0.63cvss 9.6epss 0.01
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before…
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and…
- risk 0.65cvss 10.0epss 0.02
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and…
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, RBK752 before 3.2.17.12, RBR750 before 3.2.17.12, RBS750 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12,…
- risk 0.63cvss 9.6epss 0.02
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR750 before 4.6.3.6, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.
- risk 0.62cvss 9.6epss 0.01
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK20 before 2.6.1.36, RBR20 before 2.6.1.36, RBS20 before 2.6.1.38, RBK40 before 2.6.1.36, RBR40 before 2.6.1.36, RBS40 before 2.6.1.38, RBK50 before 2.6.1.40, RBR50 before…
- risk 0.63cvss 9.6epss 0.02
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects XR300 before 1.0.3.68, R7000P before 1.3.3.140, and R6900P before 1.3.3.140.
- risk 0.63cvss 9.6epss 0.02
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R8000 before 1.0.4.62, XR300 before 1.0.3.56, R7000P…
- risk 0.63cvss 9.6epss 0.02
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before…