Xr500
by Netgear
CVEs (41)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-21118 | Hig | 0.57 | 8.8 | 0.01 | Apr 22, 2020 | NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass. | ||
| CVE-2018-21117 | Hig | 0.57 | 8.8 | 0.01 | Apr 22, 2020 | NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler. | ||
| CVE-2018-21116 | Hig | 0.57 | 8.8 | 0.01 | Apr 22, 2020 | NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. | ||
| CVE-2018-21115 | Hig | 0.57 | 8.8 | 0.01 | Apr 22, 2020 | NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers. | ||
| CVE-2021-45623 | Hig | 0.54 | 8.3 | 0.02 | Dec 26, 2021 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R7800 before 1.0.2.74, R9000 before 1.0.5.2, and XR500 before 2.3.2.66. | ||
| CVE-2025-25246 | Hig | 0.53 | 8.1 | 0.01 | Feb 5, 2025 | NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users. | ||
| CVE-2019-20711 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20710 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20709 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20708 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20707 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32. | ||
| CVE-2019-20706 | Hig | 0.52 | 8.0 | 0.02 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32. | ||
| CVE-2019-20705 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20704 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20703 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20702 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20701 | Hig | 0.52 | 8.0 | 0.01 | Apr 16, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32. | ||
| CVE-2019-20655 | Hig | 0.51 | 7.8 | 0.01 | Apr 15, 2020 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR500 before 2.3.2.56 and XR700 before 1.0.1.20. | ||
| CVE-2019-20650 | Hig | 0.49 | 7.5 | 0.01 | Apr 15, 2020 | Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20. | ||
| CVE-2021-29069 | Hig | 0.47 | 7.3 | 0.00 | Mar 23, 2021 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76. |
- risk 0.57cvss 8.8epss 0.01
NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass.
- risk 0.57cvss 8.8epss 0.01
NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers via the traceroute handler.
- risk 0.57cvss 8.8epss 0.01
NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers.
- risk 0.57cvss 8.8epss 0.01
NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers.
- risk 0.54cvss 8.3epss 0.02
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R7800 before 1.0.2.74, R9000 before 1.0.5.2, and XR500 before 2.3.2.66.
- risk 0.53cvss 8.1epss 0.01
NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.02
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.52cvss 8.0epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
- risk 0.51cvss 7.8epss 0.01
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR500 before 2.3.2.56 and XR700 before 1.0.1.20.
- risk 0.49cvss 7.5epss 0.01
Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.
- risk 0.47cvss 7.3epss 0.00
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76.
Page 1 of 3