RAX40
by Netgear
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-48196 | 0.00 | — | 0.01 | Dec 30, 2022 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136,… | |||
| CVE-2021-45493 | 0.00 | — | 0.00 | Dec 26, 2021 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102. | |||
| CVE-2021-41449 | 0.00 | — | 0.01 | Dec 9, 2021 | A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted… | |||
| CVE-2021-38526 | 0.00 | — | 0.00 | Aug 11, 2021 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX35 before 1.0.3.94, RAX38 before 1.0.3.94, and RAX40 before 1.0.3.94. | |||
| CVE-2021-38533 | 0.00 | — | 0.00 | Aug 10, 2021 | NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS. | |||
| CVE-2021-38537 | 0.00 | — | 0.00 | Aug 10, 2021 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76,… | |||
| CVE-2020-26898 | 0.00 | — | 0.00 | Oct 9, 2020 | NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect configuration of security settings. | |||
| CVE-2019-20647 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service. | |||
| CVE-2019-20646 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials. | |||
| CVE-2019-20645 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS. | |||
| CVE-2019-20644 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS. | |||
| CVE-2019-20643 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information. | |||
| CVE-2019-20642 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass. | |||
| CVE-2019-20641 | 0.00 | — | 0.00 | Apr 15, 2020 | NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level. |
- CVE-2022-48196Dec 30, 2022risk 0.00cvss —epss 0.01
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX40 before 1.0.2.60, RAX35 before 1.0.2.60, R6400v2 before 1.0.4.122, R6700v3 before 1.0.4.122, R6900P before 1.3.3.152, R7000P before 1.3.3.152, R7000 before 1.0.11.136,…
- CVE-2021-45493Dec 26, 2021risk 0.00cvss —epss 0.00
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102.
- CVE-2021-41449Dec 9, 2021risk 0.00cvss —epss 0.01
A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted…
- CVE-2021-38526Aug 11, 2021risk 0.00cvss —epss 0.00
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX35 before 1.0.3.94, RAX38 before 1.0.3.94, and RAX40 before 1.0.3.94.
- CVE-2021-38533Aug 10, 2021risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS.
- CVE-2021-38537Aug 10, 2021risk 0.00cvss —epss 0.00
Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76,…
- CVE-2020-26898Oct 9, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect configuration of security settings.
- CVE-2019-20647Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service.
- CVE-2019-20646Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.
- CVE-2019-20645Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
- CVE-2019-20644Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
- CVE-2019-20643Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.
- CVE-2019-20642Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.
- CVE-2019-20641Apr 15, 2020risk 0.00cvss —epss 0.00
NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.