Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wnr614_firmware
(Netgear)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-03 | CVE-2025-5495 | A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of the component URL Handler. The manipulation with the input %00currentsetting.htm leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This issue appears to have been circulating as an 0day since 2024. | Wnr614_firmware | 9.8 | ||
| 2024-06-07 | CVE-2024-36789 | An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create passwords that do not conform to defined security standards. | Wnr614_firmware | N/A | ||
| 2024-06-06 | CVE-2024-36795 | Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors. | Wnr614_firmware | N/A | ||
| 2024-06-07 | CVE-2024-36787 | An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass authentication and access the administrative interface via unspecified vectors. | Wnr614_firmware | N/A | ||
| 2024-06-07 | CVE-2024-36790 | Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext. | Wnr614_firmware | N/A | ||
| 2024-06-07 | CVE-2024-36792 | An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to gain access to the router's pin. | Wnr614_firmware | N/A | ||
| 2017-01-30 | CVE-2016-10174 | The NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution. | D6100_firmware, D7000_firmware, D7800_firmware, Jnr1010v2_firmware, Jnr3300_firmware, Jwnr2010v5_firmware, R2000_firmware, R6100_firmware, R6220_firmware, R7500_firmware, R7500v2_firmware, Wndr3700v4_firmware, Wndr3800_firmware, Wndr4300_firmware, Wndr4300v2_firmware, Wndr4500v3_firmware, Wndr4700_firmware, Wnr1000v2_firmware, Wnr1000v4_firmware, Wnr2000v3_firmware, Wnr2000v4_firmware, Wnr2000v5_firmware, Wnr2020_firmware, Wnr2050_firmware, Wnr2200_firmware, Wnr2500_firmware, Wnr614_firmware, Wnr618_firmware | 9.8 | ||
| 2024-06-07 | CVE-2024-36788 | Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices. | Wnr614_firmware | 4.8 | ||
| 2020-04-28 | CVE-2016-11057 | Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5 before 2017-01-06. | Jnr1010_firmware, Jwnr2000_firmware, Jwnr2010_firmware, R6220_firmware, Wndr3700_firmware, Wnr1000_firmware, Wnr2020_firmware, Wnr614_firmware, Wnr618_firmware | N/A | ||
| 2020-04-21 | CVE-2017-18791 | Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50, WNDR3700v5 before 1.1.0.48, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, WNR1000v4 before 1.1.0.40, WNR2020 before 1.1.0.40, WNR2050 before 1.1.0.40, WNR614 before 1.1.0.40, WNR618 before 1.1.0.40, and D7000 before 1.0.1.50. | D7000_firmware, Jnr1010_firmware, Jr6150_firmware, Jwnr2010_firmware, Pr2000_firmware, R6050_firmware, R6220_firmware, Wndr3700_firmware, Wnr1000_firmware, Wnr2020_firmware, Wnr2050_firmware, Wnr614_firmware, Wnr618_firmware | N/A |