CVSS: 5.5EPSS: 0%CPEs: 44EXPL: 0CVE-2018-21167
https://notcve.org/view.php?id=CVE-2018-21167
27 Apr 2020 — Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.9... • https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-21159
https://notcve.org/view.php?id=CVE-2018-21159
27 Apr 2020 — NETGEAR ReadyNAS devices before 6.9.3 are affected by incorrect configuration of security settings. Los dispositivos NETGEAR ReadyNAS versiones anteriores a 6.9.3, están afectados por una configuración incorrecta de los ajustes de seguridad. • https://kb.netgear.com/000059471/Security-Advisory-for-Security-Misconfiguration-on-ReadyNAS-OS-6-PSV-2017-1999 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-21158
https://notcve.org/view.php?id=CVE-2018-21158
27 Apr 2020 — NETGEAR R7800 devices before 1.0.2.46 are affected by incorrect configuration of security settings. Los dispositivos NETGEAR R7800 versiones anteriores a 1.0.2.46, están afectados por una configuración incorrecta de los ajustes de seguridad. • https://kb.netgear.com/000059472/Security-Advisory-for-Security-Misconfiguration-on-Some-Routers-PSV-2017-0700 •
CVSS: 6.8EPSS: 0%CPEs: 18EXPL: 0CVE-2018-21157
https://notcve.org/view.php?id=CVE-2018-21157
27 Apr 2020 — Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.28, R6700 before 1.0.1.44, R6900 before 1.0.1.44, R7000 before 1.0.9.28, R7500v2 before 1.0.3.24, R7800 before 1.0.2.38, R9000 before 1.0.2.52, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.28, R6700 versiones anteri... • https://kb.netgear.com/000059473/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-2248 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 68EXPL: 0CVE-2018-21156
https://notcve.org/view.php?id=CVE-2018-21156
27 Apr 2020 — Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3.86, EX7000 before 1.0.0.64, R6250 before 1.0.4.20, R6300v2 before 1.0.4.22, ... • https://kb.netgear.com/000059474/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-2460 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.3EPSS: 0%CPEs: 24EXPL: 0CVE-2018-21155
https://notcve.org/view.php?id=CVE-2018-21155
27 Apr 2020 — Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.52, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.4.2, R9000 before 1.0.3.16, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. Determinados dispositivos NETGEAR están afectados por una vulnerabilidad de tipo XSS almacenado. Esto afecta a D7800 versiones anteriores a 1.0.1.34... • https://kb.netgear.com/000059478/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Some-Gateways-and-Routers-PSV-2017-3101 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-21154
https://notcve.org/view.php?id=CVE-2018-21154
27 Apr 2020 — Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, and R7800 before 1.0.2.42. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.34, DM200 versiones anteriores a 1.0.0.50, R6100 versiones anteriores a 1.0.1.22, R7500 versiones anteri... • https://kb.netgear.com/000059479/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3133 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 46EXPL: 0CVE-2018-21153
https://notcve.org/view.php?id=CVE-2018-21153
27 Apr 2020 — Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.62, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.40, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv2 before ... • https://kb.netgear.com/000059480/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Gateways-Routers-and-Extenders-PSV-2017-3136 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2018-21152
https://notcve.org/view.php?id=CVE-2018-21152
27 Apr 2020 — Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54. Determinados dispositivos NETGEAR están afectados por una inyección de comandos por parte de un usuario autenticado. Esto afecta a D7800 versiones anteriores a 1.0.1.34, R7500v2 versiones anteriores a 1.0.3.26, R7800 versiones anteriores ... • https://kb.netgear.com/000059481/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Gateways-and-Routers-PSV-2017-3152 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2018-21149
https://notcve.org/view.php?id=CVE-2018-21149
27 Apr 2020 — Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.0.54, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64. Determinados dispositivos NETGEAR están afectados por un desbordamiento del búfer en la región stack... • https://kb.netgear.com/000059484/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3156 • CWE-787: Out-of-bounds Write •