JNR1010
by Netgear
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-11014 | 0.00 | — | 0.03 | Oct 16, 2019 | NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case. | |||
| CVE-2016-11015 | 0.00 | — | 0.01 | Oct 16, 2019 | NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter. | |||
| CVE-2016-11016 | 0.00 | — | 0.02 | Oct 16, 2019 | NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS. |
- CVE-2016-11014Oct 16, 2019risk 0.00cvss —epss 0.03
NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
- CVE-2016-11015Oct 16, 2019risk 0.00cvss —epss 0.01
NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
- CVE-2016-11016Oct 16, 2019risk 0.00cvss —epss 0.02
NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS.