R6850
by Netgear
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-30568 | Cri | 0.67 | 9.8 | 0.47 | Apr 3, 2024 | Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter. | ||
| CVE-2024-30572 | Hig | 0.52 | 8.0 | 0.01 | Apr 3, 2024 | Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter. | ||
| CVE-2024-30571 | Hig | 0.50 | 7.5 | 0.14 | Apr 3, 2024 | An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||
| CVE-2024-30569 | Hig | 0.49 | 7.5 | 0.02 | Apr 3, 2024 | An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||
| CVE-2021-45675 | Med | 0.38 | 5.8 | 0.00 | Dec 26, 2021 | Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76,… | ||
| CVE-2024-30570 | Med | 0.35 | 5.3 | 0.01 | Apr 3, 2024 | An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required. | ||
| CVE-2025-12942 | 0.00 | — | 0.00 | Nov 11, 2025 | Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through… |
- risk 0.67cvss 9.8epss 0.47
Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter.
- risk 0.52cvss 8.0epss 0.01
Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter.
- risk 0.50cvss 7.5epss 0.14
An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
- risk 0.49cvss 7.5epss 0.02
An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
- risk 0.38cvss 5.8epss 0.00
Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2.0.76, R6700v2 before 1.2.0.76, R6900v2 before 1.2.0.76, R7200 before 1.2.0.76,…
- risk 0.35cvss 5.3epss 0.01
An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.
- CVE-2025-12942Nov 11, 2025risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through…