Note:
This project will be discontinued after December 13, 2021. [more]
Product:
R7900_firmware
(Netgear)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 102 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-12-26 | CVE-2021-45512 | Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX6130 before 1.0.0.36, EX7000 before 1.0.1.90, R6250 before 1.0.4.42, R6400v2 before 1.0.4.98, R6700v3 before 1.0.4.98, R6900P before 1.3.2.124, R7000 before 1.0.11.106, R7000P before 1.3.2.124, R7100LG before 1.0.0.56, R7900 before 1.0.4.26, R8000 before 1.0.4.58, R8300 before 1.0.2.134, R8500 before... | D7000_firmware, D8500_firmware, Ex3700_firmware, Ex3800_firmware, Ex6120_firmware, Ex6130_firmware, Ex7000_firmware, R6250_firmware, R6400_firmware, R6700_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7900_firmware, R8000_firmware, R8300_firmware, R8500_firmware, Rs400_firmware, Wnr3500l_firmware, Xr300_firmware | 9.8 | ||
| 2021-08-11 | CVE-2021-38514 | Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, DGND2200Bv4 before 1.0.0.108, EX2700 before 1.0.1.48, EX3700 before 1.0.0.76, EX3800 before 1.0.0.76, EX6000 before 1.0.0.38, EX6100... | D3600_firmware, D6000_firmware, D6100_firmware, D6200_firmware, D6220_firmware, D6400_firmware, D7000_firmware, D7800_firmware, D8500_firmware, Dc112a_firmware, Dgn2200_firmware, Dgnd2200b_firmware, Ex2700_firmware, Ex3700_firmware, Ex3800_firmware, Ex6000_firmware, Ex6100_firmware, Ex6120_firmware, Ex6130_firmware, Ex6150_firmware, Ex6200_firmware, Ex6400_firmware, Ex7000_firmware, Ex7300_firmware, Ex8000_firmware, Jr6150_firmware, Pr2000_firmware, R6020_firmware, R6050_firmware, R6080_firmware, R6120_firmware, R6220_firmware, R6250_firmware, R6300_firmware, R6400_firmware, R6700_firmware, R6800_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300dst_firmware, R7500_firmware, R7800_firmware, R7900_firmware, R7900p_firmware, R8000_firmware, R8000p_firmware, R8300_firmware, R8500_firmware, R9000_firmware, Rbk40_firmware, Rbk50_firmware, Rbk50v_firmware, Rbr40_firmware, Rbr50_firmware, Rbs40_firmware, Rbs40v_firmware, Rbs50_firmware, Rbw30_firmware, Wn2000rpt_firmware, Wn2500rp_firmware, Wn3000rp_firmware, Wn3100rp_firmware, Wndr3400_firmware, Wndr3700_firmware, Wndr4300_firmware, Wndr4500_firmware, Wnr2000_firmware, Wnr2020_firmware, Wnr2050_firmware, Wnr3500l_firmware, Xr500_firmware | 2.7 | ||
| 2021-08-11 | CVE-2021-38516 | Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before... | Ac2100_firmware, Ac2400_firmware, Ac2600_firmware, D6220_firmware, D6400_firmware, D7000_firmware, D7800_firmware, D8500_firmware, Dc112a_firmware, Dgn2200_firmware, R6020_firmware, R6080_firmware, R6120_firmware, R6220_firmware, R6230_firmware, R6250_firmware, R6260_firmware, R6350_firmware, R6400_firmware, R6700_firmware, R6800_firmware, R6850_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7200_firmware, R7350_firmware, R7400_firmware, R7450_firmware, R7500_firmware, R7800_firmware, R7900_firmware, R7900p_firmware, R7960p_firmware, R8000_firmware, R8000p_firmware, R8900_firmware, R9000_firmware, Rax120_firmware, Rbk20_firmware, Rbk40_firmware, Rbk50_firmware, Rbk752_firmware, Rbk852_firmware, Rbr20_firmware, Rbr40_firmware, Rbr50_firmware, Rbr750_firmware, Rbr850_firmware, Rbs20_firmware, Rbs40_firmware, Rbs50_firmware, Rbs750_firmware, Rbs850_firmware, Wnr3500l_firmware, Xr450_firmware, Xr500_firmware | 9.8 | ||
| 2021-08-11 | CVE-2021-38539 | Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44, R6400v2 before 1.0.2.66, R6700 before 1.0.2.6, R6700v3 before 1.0.2.66, R6900 before 1.0.2.4, R6900P before 1.3.2.126, R7000 before 1.0.9.42, R7000P before 1.3.2.126, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.10, R8300 before 1.0.2.130, and R8500 before 1.0.2.130. | D8500_firmware, R6400_firmware, R6700_firmware, R6900_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7300dst_firmware, R7900_firmware, R8300_firmware, R8500_firmware | 8.8 | ||
| 2019-06-17 | CVE-2019-5016 | An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid memory read, resulting in a denial of service or remote information disclosure. An unauthenticated attacker can send a crafted packet on the local network to trigger this vulnerability. | Netusb\.ko, R7900_firmware, R8000_firmware | 9.1 | ||
| 2021-12-26 | CVE-2021-45527 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before... | D6220_firmware, D6400_firmware, D7000v2_firmware, D8500_firmware, Dc112a_firmware, Ex7000_firmware, Ex7500_firmware, R6250_firmware, R6300v2_firmware, R6400_firmware, R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7850_firmware, R7900_firmware, R7900p_firmware, R7960p_firmware, R8000_firmware, R8000p_firmware, R8300_firmware, R8500_firmware, Rax200_firmware, Rax75_firmware, Rax80_firmware, Rbk752_firmware, Rbk852_firmware, Rbr750_firmware, Rbr850_firmware, Rbs40v_firmware, Rbs750_firmware, Rbs850_firmware, Rs400_firmware, Xr300_firmware | 9.8 | ||
| 2021-12-26 | CVE-2021-45610 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.66, D6400 before 1.0.0.100, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.52, DGN2200v4 before 1.0.0.118, EAX80 before 1.0.1.64, R6250 before 1.0.4.48, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R7960P before 1.4.1.64, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, R6400v2... | D6220_firmware, D6400_firmware, D7000v2_firmware, D8500_firmware, Dc112a_firmware, Dgn2200v4_firmware, Eax80_firmware, R6250_firmware, R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7900_firmware, R7900p_firmware, R7960p_firmware, R8000_firmware, R8000p_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax45_firmware, Rax50_firmware, Rax75_firmware, Rax80_firmware, Rs400_firmware, Xr300_firmware | 9.8 | ||
| 2021-12-26 | CVE-2021-45617 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX7500 before 1.0.0.72, R6400 before 1.0.1.68, R6900P before 1.3.2.132, R7000 before 1.0.11.116, R7000P before 1.3.2.132, R7900 before 1.0.4.38, R7960P before 1.4.1.66, R8000 before 1.0.4.66, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, MK62 before 1.0.6.110, MR60 before 1.0.6.110, R6400v2 before... | Cbr40_firmware, Eax20_firmware, Eax80_firmware, Ex7500_firmware, Mk62_firmware, Mr60_firmware, Ms60_firmware, R6400_firmware, R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7900_firmware, R7900p_firmware, R7960p_firmware, R8000_firmware, R8000p_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax45_firmware, Rax50_firmware, Rax75_firmware, Rax80_firmware, Rbk752_firmware, Rbk852_firmware, Rbr750_firmware, Rbr850_firmware, Rbs750_firmware, Rbs850_firmware, Rs400_firmware, Xr300_firmware | 9.8 | ||
| 2021-12-26 | CVE-2021-45621 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX3700 before 1.0.0.94, EX3800 before 1.0.0.94, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.106, R6700v3... | Cbr40_firmware, Cbr750_firmware, Eax20_firmware, Eax80_firmware, Ex3700_firmware, Ex3800_firmware, Ex6120_firmware, Ex6130_firmware, Ex7000_firmware, Ex7500_firmware, Lax20_firmware, Mr60_firmware, Ms60_firmware, R6300v2_firmware, R6400_firmware, R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7100lg_firmware, R7850_firmware, R7900_firmware, R7900p_firmware, R7960p_firmware, R8000_firmware, R8000p_firmware, R8300_firmware, R8500_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax35v2_firmware, Rax40v2_firmware, Rax43_firmware, Rax45_firmware, Rax50_firmware, Rax75_firmware, Rax80_firmware, Rbk752_firmware, Rbk852_firmware, Rbr750_firmware, Rbr850_firmware, Rbs750_firmware, Rbs850_firmware, Rs400_firmware, Xr1000_firmware, Xr300_firmware | 9.8 | ||
| 2021-12-26 | CVE-2021-45622 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 4.6.3.6, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, EX7500 before 1.0.0.74, LAX20 before 1.1.6.28, MK62 before 1.0.6.116, MR60 before 1.0.6.116, MS60 before 1.0.6.116, R6400 before 1.0.1.70, R6400v2 before 1.0.4.118, R6700v3 before 1.0.4.118, R6900P before 1.3.3.140, R7000 before 1.0.11.116, R7000P before 1.3.3.140, R7850 before 1.0.5.68, R7900 before... | Cbr40_firmware, Cbr750_firmware, Eax20_firmware, Eax80_firmware, Ex7500_firmware, Lax20_firmware, Mk62_firmware, Mr60_firmware, Ms60_firmware, R6400_firmware, R6400v2_firmware, R6700v3_firmware, R6900p_firmware, R7000_firmware, R7000p_firmware, R7850_firmware, R7900_firmware, R7900p_firmware, R7960p_firmware, R8000_firmware, R8000p_firmware, Rax15_firmware, Rax200_firmware, Rax20_firmware, Rax35v2_firmware, Rax40v2_firmware, Rax43_firmware, Rax45_firmware, Rax50_firmware, Rax75_firmware, Rax80_firmware, Rbk752_firmware, Rbk852_firmware, Rbr750_firmware, Rbr850_firmware, Rbs750_firmware, Rbs850_firmware, Rs400_firmware, Xr1000_firmware, Xr300_firmware | 9.8 |