Netgear Jwnr2010 Firmware vulnerabilities

29 known vulnerabilities affecting netgear/jwnr2010_firmware.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH17MEDIUM12

Vulnerabilities

Page 1 of 2

CVE-2016-11057HIGHCVSS 7.5fixed in 2017-01-062020-04-28

CVE-2016-11057 [HIGH] CWE-287 CVE-2016-11057: Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 be Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5

nvd

CVE-2018-21226HIGHCVSS 8.8fixed in 1.1.0.482020-04-28

CVE-2018-21226 [HIGH] CWE-269 CVE-2018-21226: Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.4 Certain NETGEAR devices are affected by authentication bypass. This affects JNR1010v2 before 1.1.0.48, JWNR2010v5 before 1.1.0.48, WNR1000v4 before 1.1.0.48, WNR2020 before 1.1.0.48, and WNR2050 before 1.1.0.48.

nvd

CVE-2016-11055MEDIUMCVSS 4.3fixed in 2017-01-112020-04-28

CVE-2016-11055 [MEDIUM] CWE-352 CVE-2016-11055: Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 201 Certain NETGEAR devices are affected by CSRF. This affects CM400 before 2017-01-11, CM600 before 2017-01-11, D1500 before 2017-01-11, D500 before 2017-01-11, DST6501 before 2017-01-11, JNR1010v1 before 2017-01-11, JWNR2000Tv3 before 2017-01-11, JWNR2010v3 before 2017-01-11, PLW1000 before 2017-01-11, PLW1010 before 2017-01-11, WNR500 before 2017-01-

nvd

CVE-2018-21209MEDIUMCVSS 4.8fixed in 1.1.0.462020-04-28

CVE-2018-21209 [MEDIUM] CWE-79 CVE-2018-21209: Certain NETGEAR devices are affected by reflected XSS. This affects JNR1010v2 before 1.1.0.46, JR615 Certain NETGEAR devices are affected by reflected XSS. This affects JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.46, PR2000 before 1.0.0.20, R6050 before 1.0.1.10, R6220 before 1.1.0.60, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.46, WNR2020 before 1.1.0.46, and WNR2050 before 1.1.0.46.

nvd

CVE-2018-21169HIGHCVSS 8.8fixed in 1.1.0.462020-04-27

CVE-2018-21169 [HIGH] CVE-2018-21169: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7000 before 2018-03-01, D7800 before 1.0.1.31, D8500 before 1.0.3.36, JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.14, JWNR2010v5 before 1.1.0.46, PR2000 before 2018-03-01, R6050 before 1.0.1.14, R6220 before 1.1.0.60, R6400 before 1.1.0.26, R6400v2 before 1.

nvd

CVE-2018-21168HIGHCVSS 7.5fixed in 1.1.0.462020-04-27

CVE-2018-21168 [HIGH] CWE-200 CVE-2018-21168: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7000 befo Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D7000 before 1.0.1.52, D7800 before 1.0.1.31, D8500 before 1.0.3.36, JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.14, JWNR2010v5 before 1.1.0.46, PR2000 before 1.0.0.20, R6050 before 1.0.1.14, R6220 before 1.1.0.60, R6400 before 1.1.0.26, R6400v2 before 1.0.2.4

nvd

CVE-2017-18703HIGHCVSS 8.8fixed in 1.1.0.462020-04-24

CVE-2017-18703 [HIGH] CWE-352 CVE-2017-18703: Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0. Certain NETGEAR devices are affected by CSRF. This affects D1500 before 1.0.0.25, D500 before 1.0.0.25, D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, EX6100v2 before 1.0.1.60, EX6150v2 before 1.0.1.60, JNR1010v2 before 1.1.0.46, JR6150 before 1.0.1.16, JWNR2010v5 before 1.1.0.46, PR2000 before 1.0.0.18, R6020 before 1.0.0.26, R6

nvd

CVE-2018-21231MEDIUMCVSS 5.4fixed in 1.1.0.422020-04-24

CVE-2018-21231 [MEDIUM] CVE-2018-21231: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42

nvd

CVE-2018-21230MEDIUMCVSS 5.4fixed in 1.1.0.422020-04-24

CVE-2018-21230 [MEDIUM] CVE-2018-21230: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.57, D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX2700 before 1.0.1.42

nvd

CVE-2017-18749HIGHCVSS 8.8fixed in 1.1.0.442020-04-23

CVE-2017-18749 [HIGH] CWE-352 CVE-2017-18749: Certain NETGEAR devices are affected by CSRF. This affects JNR1010v2 before 1.1.0.44, JR6150 before Certain NETGEAR devices are affected by CSRF. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, R6050 before 1.0.1.10, R6100 before 1.0.1.16, R6220 before 1.1.0.50, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, R9000 before 1.0.2.40, WNDR3700v4 before 1.0.2.88, WNDR3700v5 before 1.1.0.

nvd

CVE-2017-18737HIGHCVSS 8.8fixed in 1.1.0.442020-04-23

CVE-2017-18737 [HIGH] CWE-74 CVE-2017-18737: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1

nvd

CVE-2017-18734HIGHCVSS 8.8fixed in 1.1.0.442020-04-23

CVE-2017-18734 [HIGH] CWE-74 CVE-2017-18734: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5 before 1.1.0.48, WNR1

nvd

CVE-2018-21139HIGHCVSS 7.5fixed in 1.1.0.542020-04-23

CVE-2018-21139 [HIGH] CWE-200 CVE-2018-21139: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 befo Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200

nvd

CVE-2017-18782HIGHCVSS 8.8fixed in 1.1.0.442020-04-22

CVE-2017-18782 [HIGH] CWE-352 CVE-2017-18782: Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0. Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JR6150 before 1.0.1.12, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R680

nvd

CVE-2017-18779HIGHCVSS 7.8fixed in 1.1.0.442020-04-22

CVE-2017-18779 [HIGH] CWE-120 CVE-2017-18779: Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D700 Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1

nvd

CVE-2017-18776HIGHCVSS 8.4fixed in 1.1.0.402020-04-22

CVE-2017-18776 [HIGH] CWE-287 CVE-2017-18776: Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before V1.0.1.24, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, R6100 before 1.0.1.12, R6220 before 1.1.0.50, R7500 before 1.0.0.108, R7500v2 before 1.0.3.10, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48,

nvd

CVE-2017-18787HIGHCVSS 7.8fixed in 1.1.0.442020-04-22

CVE-2017-18787 [HIGH] CWE-74 CVE-2017-18787: Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1 Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050, before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.

nvd

CVE-2017-18781HIGHCVSS 8.8fixed in 1.1.0.442020-04-22

CVE-2017-18781 [HIGH] CWE-352 CVE-2017-18781: Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0. Certain NETGEAR devices are affected by CSRF. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, JR6150 before 1.0.1.12, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R680

nvd

CVE-2017-18786HIGHCVSS 7.8fixed in 1.1.0.442020-04-22

CVE-2017-18786 [HIGH] CWE-74 CVE-2017-18786: Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1 Certain NETGEAR devices are affected by command injection. This affects D6200 before 1.1.00.24, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6050 before 1.0.1.12, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.

nvd

CVE-2017-18764HIGHCVSS 8.8fixed in 1.1.0.442020-04-22

CVE-2017-18764 [HIGH] CWE-74 CVE-2017-18764: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.55, D7000 before 1.0.1.50, D7800 before 1.0.1.28, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6100 before 1.0.1.14, R6120 before 1.0.0.30, R6220 befo

nvd

1 / 2Next →