CVE-2022-40620
- EPSS 0.13%
- Veröffentlicht 28.01.2026 00:00:00
- Zuletzt bearbeitet 09.03.2026 14:41:45
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker (suitably positioned on the network) co...
CVE-2022-40619
- EPSS 1.03%
- Veröffentlicht 28.01.2026 00:00:00
- Zuletzt bearbeitet 09.03.2026 14:43:22
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsq_a...
CVE-2022-27641
- EPSS 0.18%
- Veröffentlicht 29.03.2023 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:56:04
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the N...
CVE-2021-34865
- EPSS 1.15%
- Veröffentlicht 25.01.2022 16:15:08
- Zuletzt bearbeitet 21.11.2024 06:11:22
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service,...
CVE-2021-45672
- EPSS 0.26%
- Veröffentlicht 26.12.2021 01:15:21
- Zuletzt bearbeitet 21.11.2024 06:32:50
Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78...
CVE-2021-45657
- EPSS 0.12%
- Veröffentlicht 26.12.2021 01:15:20
- Zuletzt bearbeitet 21.11.2024 06:32:48
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 befor...
CVE-2021-45656
- EPSS 0.07%
- Veröffentlicht 26.12.2021 01:15:20
- Zuletzt bearbeitet 21.11.2024 06:32:48
Certain NETGEAR devices are affected by server-side injection. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 befor...
CVE-2021-45647
- EPSS 0.27%
- Veröffentlicht 26.12.2021 01:15:19
- Zuletzt bearbeitet 21.11.2024 06:32:46
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.78, R6850 before 1.1.0...
CVE-2021-45644
- EPSS 0.31%
- Veröffentlicht 26.12.2021 01:15:19
- Zuletzt bearbeitet 21.11.2024 06:32:45
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before 1.2.0.88, R6220 before 1.1.0.110, R6230 before 1.1.0.110, R6260 before 1.1.0.84, R6330 be...
CVE-2021-45641
- EPSS 0.37%
- Veröffentlicht 26.12.2021 01:15:19
- Zuletzt bearbeitet 21.11.2024 06:32:45
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.74, D7000v2 befo...