Netgear Ex6100 Firmware vulnerabilities
38 known vulnerabilities affecting netgear/ex6100_firmware.
Total CVEs
38
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH10MEDIUM23LOW1
Vulnerabilities
Page 1 of 2
CVE-2025-6510HIGHCVSS 7.4v1.0.2.28_1.1.1382025-06-23
CVE-2025-6510 [HIGH] CWE-119 CVE-2025-6510: A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affecte
A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has been rated as critical. Affected by this issue is the function sub_415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no long
nvd
CVE-2024-35519MEDIUMCVSS 6.8≤ 1.0.2.282024-10-14
CVE-2024-35519 [HIGH] CWE-77 CVE-2024-35519: Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to c
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
nvd
CVE-2021-34947HIGHCVSS 8.8fixed in 1.0.1.1062024-05-07
CVE-2021-34947 [HIGH] CWE-787 CVE-2021-34947: NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability al
NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the parsing of the soap_block_table file. The is
nvd
CVE-2022-24655HIGHCVSS 7.8v201.0.2.282022-03-18
CVE-2022-24655 [HIGH] CWE-787 CVE-2022-24655: A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.
nvd
CVE-2021-38527CRITICALCVSS 9.8fixed in 1.0.1.982021-08-11
CVE-2021-38527 [HIGH] CWE-77 CVE-2021-38527: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98, EX6250 before 1.0.0.132, EX6400 before 1.0.2.158, EX6400v2 before 1.0.0.132, EX6410 before 1.0.0.132, EX6420 before 1.0.0.132, EX7300 before 1.0.2.158, EX7300v2 before 1.0.0.13
nvd
CVE-2021-38514LOWCVSS 2.7fixed in 1.0.2.24fixed in 1.0.1.762021-08-11
CVE-2021-38514 [LOW] CVE-2021-38514: Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D
Certain NETGEAR devices are affected by authentication bypass. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6100 before 1.0.0.63, D6200 before 1.1.00.34, D6220 before 1.0.0.48, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.52, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.108, D
nvd
CVE-2020-35796CRITICALCVSS 9.8fixed in 1.0.2.282020-12-30
CVE-2020-35796 [HIGH] CWE-120 CVE-2020-35796: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, DC112A before 1.0.0.48, DGN2200v4 before 1.0.0.114, EAX20 before 1.0.0.36, EAX80 before 1.0.1.62, EX3700 before 1.0.0.84, EX3800 befo
nvd
CVE-2018-21153CRITICALCVSS 9.8fixed in 1.0.1.702020-04-27
CVE-2018-21153 [CRITICAL] CWE-120 CVE-2018-21153: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.62, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7
nvd
CVE-2018-21156HIGHCVSS 7.2fixed in 1.0.2.222020-04-27
CVE-2018-21156 [HIGH] CWE-120 CVE-2018-21156: Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.38, D6400 before 1.0.0.74, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGN2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 be
nvd
CVE-2018-21093HIGHCVSS 8.8fixed in 1.0.2.242020-04-27
CVE-2018-21093 [HIGH] CWE-787 CVE-2018-21093: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66,
nvd
CVE-2018-21167MEDIUMCVSS 5.5fixed in 1.0.1.702020-04-27
CVE-2018-21167 [MEDIUM] CWE-79 CVE-2018-21167: Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before
Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.
nvd
CVE-2017-18703HIGHCVSS 8.8fixed in 1.0.1.602020-04-24
CVE-2017-18703 [HIGH] CWE-352 CVE-2017-18703: Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.
Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, EX6100v2 before 1.0.1.60, EX6150v2 before 1.0.1.60, JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.16, JWNR2010v5 before 1.1.0.46, PR2000 before 1.0.0.18, R6020 before 1.0.0.26, R6
nvd
CVE-2018-21231MEDIUMCVSS 5.4fixed in 1.0.2.182020-04-24
CVE-2018-21231 [MEDIUM] CVE-2018-21231: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42
nvd
CVE-2018-21228MEDIUMCVSS 6.8fixed in 1.0.1.502020-04-24
CVE-2018-21228 [MEDIUM] CWE-74 CVE-2018-21228: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, EX6100v2 before 1.0.1.50, EX6150v2 before 1.0.1.50, EX6200v2 before 1.0.1.44, EX6400 before 1.0.1.60, EX7300 before 1.0.1.60, R6100 before 1.0.1.16, R7500 before 1.0.0.110, R7800 before 1.0.2.32, R9000 before 1.0.2.30, WN3000RPv3 be
nvd
CVE-2018-21230MEDIUMCVSS 5.4fixed in 1.0.2.182020-04-24
CVE-2018-21230 [MEDIUM] CVE-2018-21230: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42
nvd
CVE-2017-18715MEDIUMCVSS 6.1fixed in 1.0.2.202020-04-24
CVE-2017-18715 [MEDIUM] CWE-79 CVE-2017-18715: Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 b
Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 before 1.0.0.66, EX6100 before 1.0.2.20, EX6120 before 1.0.0.34, EX6150 before 1.0.0.36, EX6200 before 1.0.3.84, and EX7000 before 1.0.0.60.
nvd
CVE-2018-21134CRITICALCVSS 9.8fixed in 1.0.2.242020-04-23
CVE-2018-21134 [CRITICAL] CWE-787 CVE-2018-21134: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects R6700 before 1.0.1.48, R7900 before 1.0.2.16, R6900 before 1.0.1.48, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R7000 before 1.0.9.34
nvd
CVE-2018-21163HIGHCVSS 7.2fixed in 1.0.2.222020-04-23
CVE-2018-21163 [HIGH] CWE-787 CVE-2018-21163: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.38, EX6200 before 1.0.3
nvd
CVE-2017-18768HIGHCVSS 8.8fixed in 1.0.2.16_1.1.130fixed in 1.0.1.702020-04-22
CVE-2017-18768 [HIGH] CWE-352 CVE-2017-18768: Certain NETGEAR devices are affected by CSRF. This affects EX6100 before 1.0.2.16_1.1.130, EX6100v2
Certain NETGEAR devices are affected by CSRF. This affects EX6100 before 1.0.2.16_1.1.130, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.50, EX6400 before 1.0.1.60, EX7300 before 1.0.1.60, and WN3000RPv3 before 1.0.2.44.
nvd
CVE-2017-18788MEDIUMCVSS 6.7fixed in 1.0.1.542020-04-22
CVE-2017-18788 [MEDIUM] CWE-74 CVE-2017-18788: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0
nvd
1 / 2Next →