CVSS: 4.8EPSS: 0%CPEs: 18EXPL: 0CVE-2020-26917
https://notcve.org/view.php?id=CVE-2020-26917
Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. Determinados dispositivos NETGEAR, están afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a EX7000 versiones anteriores a 1.0.1.78, R6250 versiones anteriores a 1.0.4.34, R6400 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.66, R7100LG versiones anteriores a 1.0.0.50, R7300DST versiones anteriores a 1.0.0.70, R7900 versiones anteriores a 1.0.3.8, R8300 versiones anteriores a 1.0.2.128, y R8500 versiones anteriores a 1.0.2.128 • https://kb.netgear.com/000062336/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extender-and-Routers-PSV-2018-0242 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-26918
https://notcve.org/view.php?id=CVE-2020-26918
Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. Determinados dispositivos NETGEAR, están afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a EX7000 versiones anteriores a 1.0.1.78, R6250 versiones anteriores a 1.0.4.34, R6400 versiones anteriores a 1.0.1.46, R6400v2 versiones anteriores a 1.0.2.66, R6700v3 versiones anteriores a 1.0.2.66, R7100LG versiones anteriores a 1.0.0.50, R7300DST versiones anteriores a 1.0.0.70, R7900 versiones anteriores a 1.0.3.8, R8300 versiones anteriores a 1.0.2.128 y R8500 versiones anteriores a 1.0.2.128 • https://kb.netgear.com/000062335/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Extenders-and-Routers-PSV-2018-0243 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 97%CPEs: 2EXPL: 0CVE-2020-26919 – Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2020-26919
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level. Los dispositivos NETGEAR JGS516PE versiones anteriores a 2.6.0.43, están afectados por una falta de control de acceso en el nivel función Netgear JGS516PE devices contain a missing function level access control vulnerability. • https://kb.netgear.com/000062334/Security-Advisory-for-Missing-Function-Level-Access-Control-on-JGS516PE-PSV-2020-0377 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-26920
https://notcve.org/view.php?id=CVE-2020-26920
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.3.110, SRR60 before 2.5.3.110, and SRS60 before 2.5.3.110. Determinados dispositivos NETGEAR, están afectados por una inyección de comandos por parte de un atacante no autenticado. Esto afecta a SRK60 versiones anteriores a 2.5.3.110, SRR60 versiones anteriores a 2.5.3.110 y SRS60 versiones anteriores a 2.5.3.110 • https://kb.netgear.com/000062333/Security-Advisory-for-Pre-Authentication-Command-Injection-on-Some-WiFi-Systems-PSV-2020-0327 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-26921
https://notcve.org/view.php?id=CVE-2020-26921
Certain NETGEAR devices are affected by authentication bypass. This affects GS110EMX before 1.0.1.7, GS810EMX before 1.7.1.3, XS512EM before 1.0.1.3, and XS724EM before 1.0.1.3. Determinados dispositivos NETGEAR, están afectados por una omisión de autenticación. Esto afecta a GS110EMX versiones anteriores a 1.0.1.7, GS810EMX versiones anteriores a 1.7.1.3, XS512EM versiones anteriores a 1.0.1.3 y XS724EM versiones anteriores a 1.0.1.3 • https://kb.netgear.com/000062332/Security-Advisory-for-Authentication-Bypass-on-Some-Smart-Managed-Plus-Switches-PSV-2020-0305 • CWE-287: Improper Authentication •