Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Srs60_firmware
(Netgear)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-12-26 | CVE-2021-45645 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122. | Rbs50y_firmware, Src60_firmware, Srk60_firmware, Srr60_firmware, Srs60_firmware, Sxk30_firmware, Sxr30_firmware, Sxs30_firmware | 9.8 | ||
| 2020-04-16 | CVE-2019-20695 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 before 2.3.5.106, SRR60 before 2.3.5.106, and SRS60 before 2.3.5.106. | Srk60_firmware, Srr60_firmware, Srs60_firmware | 7.5 | ||
| 2020-04-16 | CVE-2019-20717 | Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, SRK60 before 2.2.1.210, SRR60 before 2.2.1.210, SRS60 before 2.2.1.210,... | D3600_firmware, D6000_firmware, D7800_firmware, Ex2700_firmware, Ex6200_firmware, Ex8000_firmware, R7500_firmware, R7800_firmware, Rbk20_firmware, Rbk50_firmware, Rbr20_firmware, Rbr50_firmware, Rbs20_firmware, Rbs40_firmware, Rbs50_firmware, Srk60_firmware, Srr60_firmware, Srs60_firmware, Wn2000rpt_firmware, Wn3000rp_firmware, Wn3100rp_firmware, Wndr4300_firmware, Wndr4500_firmware | 6.5 | ||
| 2020-05-18 | CVE-2020-11551 | An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi configuration data such as authentication details (e.g., the Web-admin password), network settings, DNS settings, system administration interface configuration, etc. | Rbs50y_firmware, Srr60_firmware, Srs60_firmware | 8.8 | ||
| 2020-05-18 | CVE-2020-11550 | An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitrary Wi-Fi information, such as SSIDs and Pre-Shared-Keys (PSK). | Rbs50y_firmware, Srr60_firmware, Srs60_firmware | 6.5 | ||
| 2020-06-18 | CVE-2020-14435 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.2.104, SRS60 before 2.5.2.104, SRR60 before 2.5.2.104, SRK60B03 before 2.5.2.104, SRK60B04 before 2.5.2.104, SRK60B05 before 2.5.2.104, and SRK60B06 before 2.5.2.104. | Srk60_firmware, Srk60b03_firmware, Srk60b04_firmware, Srk60b05_firmware, Srk60b06_firmware, Srr60_firmware, Srs60_firmware | 8.8 | ||
| 2020-10-09 | CVE-2020-26920 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.3.110, SRR60 before 2.5.3.110, and SRS60 before 2.5.3.110. | Srk60_firmware, Srr60_firmware, Srs60_firmware | 8.8 | ||
| 2020-10-09 | CVE-2020-26913 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, SRK60 before 2.2.2.20, SRR60 before 2.2.2.20, SRS60 before 2.2.2.20, WN3000RPv2 before... | D6100_firmware, R7800_firmware, R8900_firmware, R9000_firmware, Rbk20_firmware, Rbk40_firmware, Rbk50_firmware, Rbr20_firmware, Rbr50_firmware, Rbs20_firmware, Rbs40_firmware, Rbs50_firmware, Srk60_firmware, Srr60_firmware, Srs60_firmware, Wn3000rpv2_firmware, Wndr4300v2_firmware, Wndr4500v3_firmware, Wnr2000v5_firmware, Xr450_firmware, Xr500_firmware | 6.8 | ||
| 2020-05-18 | CVE-2020-11549 | An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting CVE-2020-11551, it is possible to achieve remote code execution with root privileges on the embedded Linux system. | Rbs50y_firmware, Srr60_firmware, Srs60_firmware | N/A | ||
| 2020-04-27 | CVE-2018-21095 | Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210. | Srr60_firmware, Srs60_firmware | N/A |