Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wnr614_firmware
(Netgear)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-07 | CVE-2024-36789 | An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards. | Wnr614_firmware | N/A | ||
| 2024-06-06 | CVE-2024-36795 | Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors. | Wnr614_firmware | N/A | ||
| 2024-06-07 | CVE-2024-36787 | An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the administrative interface via unspecified vectors. | Wnr614_firmware | N/A | ||
| 2024-06-07 | CVE-2024-36790 | Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext. | Wnr614_firmware | N/A | ||
| 2024-06-07 | CVE-2024-36792 | An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to gain access to the router's pin. | Wnr614_firmware | N/A | ||
| 2017-01-30 | CVE-2016-10174 | The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. | D6100_firmware, D7000_firmware, D7800_firmware, Jnr1010v2_firmware, Jnr3300_firmware, Jwnr2010v5_firmware, R2000_firmware, R6100_firmware, R6220_firmware, R7500_firmware, R7500v2_firmware, Wndr3700v4_firmware, Wndr3800_firmware, Wndr4300_firmware, Wndr4300v2_firmware, Wndr4500v3_firmware, Wndr4700_firmware, Wnr1000v2_firmware, Wnr1000v4_firmware, Wnr2000v3_firmware, Wnr2000v4_firmware, Wnr2000v5_firmware, Wnr2020_firmware, Wnr2050_firmware, Wnr2200_firmware, Wnr2500_firmware, Wnr614_firmware, Wnr618_firmware | 9.8 | ||
| 2024-06-07 | CVE-2024-36788 | Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices. | Wnr614_firmware | 4.8 | ||
| 2020-04-28 | CVE-2016-11057 | Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5 before 2017-01-06. | Jnr1010_firmware, Jwnr2000_firmware, Jwnr2010_firmware, R6220_firmware, Wndr3700_firmware, Wnr1000_firmware, Wnr2020_firmware, Wnr614_firmware, Wnr618_firmware | N/A | ||
| 2020-04-21 | CVE-2017-18791 | Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50, WNDR3700v5 before 1.1.0.48, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, WNR1000v4 before 1.1.0.40, WNR2020 before 1.1.0.40, WNR2050 before 1.1.0.40, WNR614 before 1.1.0.40, WNR618 before 1.1.0.40, and D7000 before 1.0.1.50. | D7000_firmware, Jnr1010_firmware, Jr6150_firmware, Jwnr2010_firmware, Pr2000_firmware, R6050_firmware, R6220_firmware, Wndr3700_firmware, Wnr1000_firmware, Wnr2020_firmware, Wnr2050_firmware, Wnr614_firmware, Wnr618_firmware | N/A | ||
| 2020-04-16 | CVE-2019-20690 | Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.30, D7000 before 1.0.1.66, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.68, WNR2020 before 1.1.0.54, and WNR614 before 1.1.0.54. | D6200_firmware, D7000_firmware, R6020_firmware, R6080_firmware, R6120_firmware, R6220_firmware, Wnr2020_firmware, Wnr614_firmware | N/A |