XR1000
by Netgear
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-34870 | 0.00 | — | 0.01 | Jan 25, 2022 | This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP… | |||
| CVE-2021-45510 | 0.00 | — | 0.01 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass. | |||
| CVE-2021-45513 | 0.00 | — | 0.01 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | |||
| CVE-2021-45514 | 0.00 | — | 0.01 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | |||
| CVE-2021-45517 | 0.00 | — | 0.00 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. | |||
| CVE-2021-45518 | 0.00 | — | 0.00 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. | |||
| CVE-2021-45519 | 0.00 | — | 0.00 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. | |||
| CVE-2021-45522 | 0.00 | — | 0.01 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. | |||
| CVE-2021-45643 | 0.00 | — | 0.00 | Dec 26, 2021 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58. | |||
| CVE-2021-45654 | 0.00 | — | 0.01 | Dec 26, 2021 | NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information. |
- CVE-2021-34870Jan 25, 2022risk 0.00cvss —epss 0.01
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP…
- CVE-2021-45510Dec 26, 2021risk 0.00cvss —epss 0.01
NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.
- CVE-2021-45513Dec 26, 2021risk 0.00cvss —epss 0.01
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.
- CVE-2021-45514Dec 26, 2021risk 0.00cvss —epss 0.01
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.
- CVE-2021-45517Dec 26, 2021risk 0.00cvss —epss 0.00
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
- CVE-2021-45518Dec 26, 2021risk 0.00cvss —epss 0.00
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
- CVE-2021-45519Dec 26, 2021risk 0.00cvss —epss 0.00
NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.
- CVE-2021-45522Dec 26, 2021risk 0.00cvss —epss 0.01
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password.
- CVE-2021-45643Dec 26, 2021risk 0.00cvss —epss 0.00
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, and XR1000 before 1.0.0.58.
- CVE-2021-45654Dec 26, 2021risk 0.00cvss —epss 0.01
NETGEAR XR1000 devices before 1.0.0.58 are affected by disclosure of sensitive information.