Netgear Dgn2200 Firmware vulnerabilities
37 known vulnerabilities affecting netgear/dgn2200_firmware.
Total CVEs
37
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
1
Severity breakdown
CRITICAL3HIGH13MEDIUM20LOW1
Vulnerabilities
Page 2 of 2
CVE-2017-18769MEDIUMCVSS 4.6fixed in 1.0.0.942020-04-22
CVE-2017-18769 [MEDIUM] CWE-200 CVE-2017-18769: Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects
Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 be
nvd
CVE-2017-18842HIGHCVSS 8.8fixed in 1.0.0.552020-04-20
CVE-2017-18842 [HIGH] CWE-352 CVE-2017-18842: Certain NETGEAR devices are affected by CSRF. This affects R7300 before 1.0.0.54, R8500 before 1.0.2
Certain NETGEAR devices are affected by CSRF. This affects R7300 before 1.0.0.54, R8500 before 1.0.2.94, DGN2200v1 before 1.0.0.55, and D2200D/D2200DW-1FRNAS before 1.0.0.32.
nvd
CVE-2019-20753HIGHCVSS 8.8fixed in 1.0.0.582020-04-16
CVE-2019-20753 [HIGH] CWE-787 CVE-2019-20753: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JNDR3000 before 1.0.0.24, R8000 before 1.0.4.18, R8500 before 1.0.2.122, R8300 before 1.0.2.122, R7900 before 1.0.2.1
nvd
CVE-2019-20716MEDIUMCVSS 6.8fixed in 1.0.0.1102020-04-16
CVE-2019-20716 [MEDIUM] CWE-787 CVE-2019-20716: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v4 before 1.0.0.110 and DGND2200Bv4 before 1.0.0.109.
nvd
CVE-2019-20754MEDIUMCVSS 6.8fixed in 1.0.0.582020-04-16
CVE-2019-20754 [MEDIUM] CWE-120 CVE-2019-20754: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN2200 before 1.0.0.58, DGN2200B before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.80, D6220 before 1.0.0.44, EX7000 before 1.0.0.66, EX6200 before 1.0.3.88, EX6150 before 1.0.0.42, EX7500 before 1.0.0.46, JNDR3000 befo
nvd
CVE-2019-20700MEDIUMCVSS 6.7fixed in 1.0.0.1102020-04-16
CVE-2019-20700 [MEDIUM] CWE-787 CVE-2019-20700: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 befor
nvd
CVE-2019-20732MEDIUMCVSS 6.7fixed in 1.0.0.1022020-04-16
CVE-2019-20732 [MEDIUM] CWE-77 CVE-2019-20732: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D62
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130
nvd
CVE-2019-20728MEDIUMCVSS 6.7fixed in 1.0.0.1022020-04-16
CVE-2019-20728 [MEDIUM] CWE-120 CVE-2019-20728: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D64
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, DM200 before 1.0.0.52, JNDR3000 before 1.0.0.22, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 b
nvd
CVE-2019-20733MEDIUMCVSS 6.7fixed in 1.0.0.1102020-04-16
CVE-2019-20733 [MEDIUM] CWE-787 CVE-2019-20733: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.110, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 befor
nvd
CVE-2019-20740MEDIUMCVSS 6.8fixed in 1.0.0.1102020-04-16
CVE-2019-20740 [MEDIUM] CWE-787 CVE-2019-20740: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R7300 before 1.0.0.70, R8300 before 1.0.2.130, and R8500 before 1.0.2.130.
nvd
CVE-2019-20692MEDIUMCVSS 6.7fixed in 1.0.0.1102020-04-16
CVE-2019-20692 [MEDIUM] CWE-787 CVE-2019-20692: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 befor
nvd
CVE-2019-20712MEDIUMCVSS 6.8fixed in 1.0.0.1102020-04-16
CVE-2019-20712 [MEDIUM] CWE-120 CVE-2019-20712: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700
nvd
CVE-2019-20737MEDIUMCVSS 6.7fixed in 1.0.0.1062020-04-16
CVE-2019-20737 [MEDIUM] CWE-787 CVE-2019-20737: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.106, DGND2200Bv4 before 1.0.0.106, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 befor
nvd
CVE-2019-20755MEDIUMCVSS 6.8fixed in 1.0.0.582020-04-16
CVE-2019-20755 [MEDIUM] CWE-787 CVE-2019-20755: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B before 1.0.0.58, JNDR3000 before 1.0.0.24, RBW30 before 2.1.4.16, R6250 before 1.0.4.26, R6300v2 before 1.0.4.28
nvd
CVE-2016-5649CRITICALCVSS 9.8PoCv1.0.0.50_7.0.502018-07-24
CVE-2016-5649 [CRITICAL] CWE-319 CVE-2016-5649: A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_
A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An a
nvd
CVE-2017-6366HIGHCVSS 8.8PoC≤ 10.0.0.502017-03-15
CVE-2017-6366 [HIGH] CVE-2017-6366: Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 t
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. NOTE: this issue can be combined with CVE-2017-6334 to execute arbitrary code remotely.
nvd
CVE-2017-6077CRITICALCVSS 9.8KEVPoC≤ 10.0.0.502017-02-22
CVE-2017-6077 [CRITICAL] CWE-78 CVE-2017-6077: ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated user
ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.
nvd
← Previous2 / 2