NotCVE - vendor:"Netgear" product:"R6220 Firmware" version:"1.1.0.114

4 results (0.007 seconds)

CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 2

CVE-2022-47052

https://notcve.org/view.php?id=CVE-2022-47052

25 Jan 2023 — The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1. • https://github.com/dest-3/CVE-2022-47052 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 1

CVE-2022-42221

https://notcve.org/view.php?id=CVE-2022-42221

17 Oct 2022 — Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability. Netgear R6220 versión v1.1.0.114_1.0.1, sufre de un Control de Acceso Incorrecto, resultando en una vulnerabilidad de inyección de comandos • https://github.com/Cj775995/CVE_Report/tree/main/Netgear/R6220 •

CVSS: 7.5EPSS: 0%CPEs: 120EXPL: 0

CVE-2016-11059

https://notcve.org/view.php?id=CVE-2016-11059

28 Apr 2020 — Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, D6200 before 2017-01-06, D6200B before 2017-01-06, D6300B before 2017-01-06, D6300 before 2017-01-06, DGN1000v3 before 2017-01-06, DGN2200v1 before 2017-01-06, DGN2200v3 before 2017-01-06, DGN2200V4 before 2017-01-06, DGN2200Bv3 before 2017-01-06, DGN2200Bv4 before... • https://kb.netgear.com/27253/NETGEAR-Product-Vulnerability-Advisory-Authentication-Bypass-and-Information-Disclosure-on-Home-Routers • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0

CVE-2016-11057

https://notcve.org/view.php?id=CVE-2016-11057

28 Apr 2020 — Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5 before 2017-01-06. Determinados dispositivos de NETGEAR están afectados por el manejo inapropiado de llamadas URL repetidas. Esto afecta a JNR1010v2 hasta el ... • https://kb.netgear.com/29960/NETGEAR-Product-Vulnerability-Advisory-Potential-security-issue-associated-with-remote-management • CWE-287: Improper Authentication •