CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-25246
https://notcve.org/view.php?id=CVE-2025-25246
05 Feb 2025 — NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users. • https://kb.netgear.com/000066558/Security-Advisory-for-Unauthenticated-RCE-on-Some-WiFi-Routers-PSV-2023-0039 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35517
https://notcve.org/view.php?id=CVE-2024-35517
11 Oct 2024 — Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter. • https://github.com/consrc/cves/blob/main/CVE-2024-35517.md •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45510
https://notcve.org/view.php?id=CVE-2021-45510
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58, están afectados por una omisión de autenticación • https://kb.netgear.com/000064150/Security-Advisory-for-Authentication-Bypass-on-XR1000-PSV-2021-0011 •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45513
https://notcve.org/view.php?id=CVE-2021-45513
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58, están afectados por una inyección de comandos por parte de un atacante no autenticado • https://kb.netgear.com/000064149/Security-Advisory-for-Command-Injection-on-XR1000-PSV-2021-0010 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45514
https://notcve.org/view.php?id=CVE-2021-45514
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58, están afectados por una inyección de comandos por parte de un atacante no autenticado • https://kb.netgear.com/000064154/Security-Advisory-for-Command-Injection-on-XR1000-PSV-2021-0018 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45517
https://notcve.org/view.php?id=CVE-2021-45517
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58 están afectados por una denegación de servicio • https://kb.netgear.com/000064156/Security-Advisory-for-Denial-of-Service-on-XR1000-PSV-2021-0031 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45518
https://notcve.org/view.php?id=CVE-2021-45518
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58 están afectados por una denegación de servicio • https://kb.netgear.com/000064157/Security-Advisory-for-Denial-of-Service-on-XR1000-PSV-2021-0032 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45519
https://notcve.org/view.php?id=CVE-2021-45519
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58 están afectados por una denegación de servicio • https://kb.netgear.com/000064158/Security-Advisory-for-Denial-of-Service-on-XR1000-PSV-2021-0033 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-45522
https://notcve.org/view.php?id=CVE-2021-45522
26 Dec 2021 — NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. Los dispositivos NETGEAR XR1000 versiones anteriores a 1.0.0.58 están afectados por una contraseña embebida • https://kb.netgear.com/000064155/Security-Advisory-for-Hardcoded-Password-on-XR1000-PSV-2021-0030 • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.4EPSS: 0%CPEs: 54EXPL: 0CVE-2021-45549
https://notcve.org/view.php?id=CVE-2021-45549
26 Dec 2021 — Certain NETGEAR devices are affected by command injection by an authenticated user. This affects LAX20 before 1.1.6.28, MK62 before 1.1.6.122, MR60 before 1.1.6.122, MS60 before 1.1.6.122, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before 1.0.4.38, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.68, R8000P before 1.4.2.84, RAX15 before 1.0.3.96, RAX20 before 1.0.3.96, RAX200 be... • https://kb.netgear.com/000064513/Security-Advisory-for-Post-Authentication-Command-Injection-on-Some-Routers-Extenders-and-WiFi-Systems-PSV-2020-0517 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •