CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-21226
https://notcve.org/view.php?id=CVE-2018-21226
Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.48, JWNR2010v5 before 1.1.0.48, WNR1000v4 before 1.1.0.48, WNR2020 before 1.1.0.48, and WNR2050 before 1.1.0.48. Determinados dispositivos de NETGEAR están afectados por una omisión de autenticación. Esto afecta a JNR1010v2 versiones anteriores a 1.1.0.48, JWNR2010v5 versiones anteriores a 1.1.0.48, WNR1000v4 versiones anteriores a 1.1.0.48, WNR2020 versiones anteriores a 1.1.0.48, y WNR2050 versiones anteriores a 1.1.0.48. • https://kb.netgear.com/000055110/Security-Advisory-for-Authentication-Bypass-on-Some-Routers-PSV-2017-0748 • CWE-269: Improper Privilege Management •
CVSS: 6.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-21225
https://notcve.org/view.php?id=CVE-2018-21225
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, R6700 before 1.0.1.30, R6700v2 before 1.2.0.16, R6800 before 1.2.0.16, R6900 before 1.0.1.30, R6900P before 1.2.0.22, R6900v2 before 1.2.0.16, R7000 before 1.0.9.12, R7000P before 1.2.0.22, R7500v2 before 1.0.3.20, R7800 before 1.0.2.44, R8300 before 1.0.2.106, R8500 before 1.0.2.106, and R9000 before 1.0.2.52. Determinados dispositivos de NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D7000 versiones anteriores a 1.0.1.60, D7800 versiones anteriores a 1.0.1.34, D8500 versiones anteriores a 1.0.3.39, R6700 versiones anteriores a 1.0.1.30, R6700v2 versiones anteriores a 1.2.0.16, R6800 versiones anteriores a 1.2.0.16, R6900 versiones anteriores a 1.0.1.30, R6900P versiones anteriores a 1.2.0. 22, R6900v2 versiones anteriores a 1.2.0.16, R7000 versiones anteriores a 1.0.9.12, R7000P versiones anteriores a 1.2.0.22, R7500v2 versiones anteriores a 1.0.3.20, R7800 versiones anteriores a 1.0.2.44, R8300 versiones anteriores a 1.0.2.106, R8500 versiones anteriores a 1.0.2.106, y R9000 versiones anteriores a 1.0.2.52. • https://kb.netgear.com/000055112/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-and-Gateways-PSV-2017-2160 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 24EXPL: 0CVE-2018-21224
https://notcve.org/view.php?id=CVE-2018-21224
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D7800 versiones anteriores a 1.0.1.30, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3. 24, R9000 versiones anteriores a 1.0.2.52, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, WNDR4500v3 versiones anteriores a 1.0.0.50, y WNR2000v5 versiones anteriores a 1.0.0.62. • https://kb.netgear.com/000055113/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2456 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 24EXPL: 0CVE-2018-21223
https://notcve.org/view.php?id=CVE-2018-21223
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D7800 versiones anteriores a 1.0.1.30, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3. 24, R9000 versiones anteriores a 1.0.2.52, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, WNDR4500v3 versiones anteriores a 1.0.0.50, y WNR2000v5 versiones anteriores a 1.0.0.62. • https://kb.netgear.com/000055114/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2457 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 24EXPL: 0CVE-2018-21222
https://notcve.org/view.php?id=CVE-2018-21222
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. Determinados dispositivos de NETGEAR están afectados por un desbordamiento del búfer por parte de un atacante no autenticado. Esto afecta a D3600 versiones anteriores a 1.0.0.67, D6000 versiones anteriores a 1.0.0.67, D7800 versiones anteriores a 1.0.1.30, R6100 versiones anteriores a 1.0.1.20, R7500 versiones anteriores a 1.0.0.118, R7500v2 versiones anteriores a 1.0.3. 24, R9000 versiones anteriores a 1.0.2.52, WNDR3700v4 versiones anteriores a 1.0.2.96, WNDR4300 versiones anteriores a 1.0.2.98, WNDR4300v2 versiones anteriores a 1.0.0.50, WNDR4500v3 versiones anteriores a 1.0.0.50, y WNR2000v5 versiones anteriores a 1.0.0.62. • https://kb.netgear.com/000055115/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2458 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •