Netgear D3600 Firmware vulnerabilities
65 known vulnerabilities affecting netgear/d3600_firmware.
Total CVEs
65
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH40MEDIUM21LOW1
Vulnerabilities
Page 4 of 4
CVE-2019-20726MEDIUMCVSS 6.8fixed in 1.0.0.752020-04-16
CVE-2019-20726 [MEDIUM] CWE-77 CVE-2019-20726: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR20
nvd
CVE-2019-20640HIGHCVSS 8.8fixed in 1.0.0.762020-04-15
CVE-2019-20640 [HIGH] CWE-787 CVE-2019-20640: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220
nvd
CVE-2019-20767HIGHCVSS 7.2fixed in 1.0.0.752020-04-15
CVE-2019-20767 [HIGH] CWE-787 CVE-2019-20767: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, D3600 before 1.0.0.75, D6000 before 1.0.0.75, R9000 before 1.0.4.26, R8900 before 1.0.4.26, R7800 before 1.0.2.52, WNDR4500v3 before 1.0.0.58, WNDR4300v2 before 1.0.0.58, WNDR4300 before 1.0.2.104, WNDR3700v4 before 1.0.2
nvd
CVE-2015-8289HIGHCVSS 7.5v1.0.0.492016-06-20
CVE-2015-8289 [HIGH] CWE-200 CVE-2015-8289: The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with
The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier allows remote attackers to discover the cleartext administrator password by reading the cgi-bin/passrec.asp HTML source code.
nvd
CVE-2015-8288MEDIUMCVSS 5.9v1.0.0.492016-06-20
CVE-2015-8288 [MEDIUM] CVE-2015-8288: NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier us
NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
nvd
← Previous4 / 4