DGN2200v4
by Netgear
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5649 | Cri | 0.66 | 9.8 | 0.27 | Jul 24, 2018 | A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin… | ||
| CVE-2013-10060 | 0.09 | — | 0.05 | Aug 1, 2025 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the… | |||
| CVE-2024-57046 | 0.04 | — | 0.02 | Feb 18, 2025 | A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication. | |||
| CVE-2025-12944 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4… | |||
| CVE-2017-18853 | 0.00 | — | 0.01 | Apr 29, 2020 | Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20… | |||
| CVE-2016-11054 | 0.00 | — | 0.02 | Apr 28, 2020 | NETGEAR DGN2200v4 devices before 2017-01-06 are affected by command execution and an FTP insecure root directory. | |||
| CVE-2019-20740 | 0.00 | — | 0.00 | Apr 16, 2020 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R7300 before 1.0.0.70, R8300 before 1.0.2.130, and R8500 before 1.0.2.130. | |||
| CVE-2019-20716 | 0.00 | — | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v4 before 1.0.0.110 and DGND2200Bv4 before 1.0.0.109. |
- risk 0.66cvss 9.8epss 0.27
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin…
- CVE-2013-10060Aug 1, 2025risk 0.09cvss —epss 0.05
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the…
- CVE-2024-57046Feb 18, 2025risk 0.04cvss —epss 0.02
A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication.
- CVE-2025-12944Nov 11, 2025risk 0.00cvss —epss 0.00
Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4…
- CVE-2017-18853Apr 29, 2020risk 0.00cvss —epss 0.01
Certain NETGEAR devices are affected by password recovery and file access. This affects D8500 1.0.3.27 and earlier, DGN2200v4 1.0.0.82 and earlier, R6300v2 1.0.4.06 and earlier, R6400 1.0.1.20 and earlier, R6400v2 1.0.2.18 and earlier, R6700 1.0.1.22 and earlier, R6900 1.0.1.20…
- CVE-2016-11054Apr 28, 2020risk 0.00cvss —epss 0.02
NETGEAR DGN2200v4 devices before 2017-01-06 are affected by command execution and an FTP insecure root directory.
- CVE-2019-20740Apr 16, 2020risk 0.00cvss —epss 0.00
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R7300 before 1.0.0.70, R8300 before 1.0.2.130, and R8500 before 1.0.2.130.
- CVE-2019-20716Apr 16, 2020risk 0.00cvss —epss 0.01
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v4 before 1.0.0.110 and DGND2200Bv4 before 1.0.0.109.