Netgear R6700 Firmware vulnerabilities

172 known vulnerabilities affecting netgear/r6700_firmware.

Total CVEs

172

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL11HIGH104MEDIUM56LOW1

Vulnerabilities

Page 7 of 9

CVE-2017-18785MEDIUMCVSS 4.8fixed in 1.0.1.36fixed in 1.2.0.122020-04-22

CVE-2017-18785 [MEDIUM] CWE-79 CVE-2017-18785: Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0. Certain NETGEAR devices are affected by XSS. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 before 1.0.0.32, D6400 before 1.0.0.66, D7000 before 1.0.1.52, D7000v2 before 1.0.0.44, D7800 before 1.0.1.30, D8500 before 1.0.3.35, DGN2200v4 before 1.0.0.96, DGN2200Bv4 before 1.0.0.96, EX2700

nvd

CVE-2017-18752MEDIUMCVSS 6.5fixed in 1.0.1.262020-04-22

CVE-2017-18752 [MEDIUM] CWE-200 CVE-2017-18752: Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST before 1.0.0.52, R7900 before 1.0.1.12, R8000 before 1

nvd

CVE-2017-18767MEDIUMCVSS 6.8fixed in 1.0.1.222020-04-22

CVE-2017-18767 [MEDIUM] CWE-74 CVE-2017-18767: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, D8500 before 1.0.3.39, R6400 before 1.0.1.14, R6400v2 before 1.0.2.32, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7100LG before 1.0.0.32, R7300 before 1.0.0.56, R7800 before 1.0.2.36, R7900 before 1.0.2.10,

nvd

CVE-2017-18769MEDIUMCVSS 4.6fixed in 1.0.1.26fixed in 1.2.0.42020-04-22

CVE-2017-18769 [MEDIUM] CWE-200 CVE-2017-18769: Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.94, DGN2200Bv4 before 1.0.0.94, EX6200v2 before 1.0.1.50, EX7000 before 1.0.0.56, JR6150 before 1.0.1.18, R6050 be

nvd

CVE-2017-18780MEDIUMCVSS 5.5fixed in 1.2.0.122020-04-22

CVE-2017-18780 [MEDIUM] CVE-2017-18780: Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D700 Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.1

nvd

CVE-2017-18783MEDIUMCVSS 6.1fixed in 1.2.0.122020-04-22

CVE-2017-18783 [MEDIUM] CWE-79 CVE-2017-18783: Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1 Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R680

nvd

CVE-2017-18763MEDIUMCVSS 6.5fixed in 1.2.0.42020-04-22

CVE-2017-18763 [MEDIUM] CWE-20 CVE-2017-18763: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects J Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects JNR1010v2 before 1.1.0.42, JR6150 before 1.0.1.10, JWNR2010v5 before 1.1.0.42, PR2000 before 1.0.0.18, R6050 before 1.0.1.10, R6120 before 1.0.0.30, R6220 before 1.1.0.50, R6700v2 before 1.2.0.4, R6800 before 1.2.0.4, R6900v2 before 1.2.0.4, WNDR3700v5

nvd

CVE-2017-18799HIGHCVSS 7.5fixed in 1.1.1.202020-04-21

CVE-2017-18799 [HIGH] CWE-20 CVE-2017-18799: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 bef

nvd

CVE-2017-18794HIGHCVSS 8.4fixed in 1.0.1.262020-04-21

CVE-2017-18794 [HIGH] CWE-74 CVE-2017-18794: Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0. Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50.

nvd

CVE-2017-18800MEDIUMCVSS 6.1fixed in 1.1.0.422020-04-21

CVE-2017-18800 [MEDIUM] CWE-79 CVE-2017-18800: Certain NETGEAR devices are affected by reflected XSS. This affects R6700v2 before 1.1.0.42 and R680 Certain NETGEAR devices are affected by reflected XSS. This affects R6700v2 before 1.1.0.42 and R6800 before 1.1.0.42.

nvd

CVE-2017-18801MEDIUMCVSS 6.7fixed in 1.1.0.382020-04-21

CVE-2017-18801 [MEDIUM] CWE-74 CVE-2017-18801: Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.50, R6700 Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.50, R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, WNDR3700v5 before 1.1.0.48, and D7000 before 1.0.1.50.

nvd

CVE-2017-18798MEDIUMCVSS 6.2fixed in 1.1.0.382020-04-21

CVE-2017-18798 [MEDIUM] CWE-20 CVE-2017-18798: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, D7000 before 1.0.1.50, and D1500 before 1.0.0.25.

nvd

CVE-2017-18796MEDIUMCVSS 6.7fixed in 1.0.1.262020-04-21

CVE-2017-18796 [MEDIUM] CWE-74 CVE-2017-18796: Certain NETGEAR devices are affected by command injection. This affects R6400 before 1.0.1.24, R6700 Certain NETGEAR devices are affected by command injection. This affects R6400 before 1.0.1.24, R6700 before 1.0.1.26, R6900 before 1.0.1.28, R7000 before 1.0.9.10, R7000P before 1.0.1.16, R6900P before 1.0.1.16, and R7800 before 1.0.2.36.

nvd

CVE-2017-18790MEDIUMCVSS 6.2fixed in 1.0.1.262020-04-21

CVE-2017-18790 [MEDIUM] CWE-200 CVE-2017-18790: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 befo Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

nvd

CVE-2017-18844HIGHCVSS 7.8fixed in 1.1.0.382020-04-20

CVE-2017-18844 [HIGH] CWE-522 CVE-2017-18844: Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700 Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.

nvd

CVE-2017-18850HIGHCVSS 8.4fixed in 1.0.1.222020-04-20

CVE-2017-18850 [HIGH] CWE-287 CVE-2017-18850: Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.3

nvd

CVE-2017-18843HIGHCVSS 7.8fixed in 1.1.0.382020-04-20

CVE-2017-18843 [HIGH] CWE-522 CVE-2017-18843: Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700 Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.

nvd

CVE-2017-18849HIGHCVSS 7.8fixed in 1.0.1.222020-04-20

CVE-2017-18849 [HIGH] CWE-74 CVE-2017-18849: Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.26, D6400 Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before 1.0.9.4, R7000P before 1.0.0.56, R7100LG before 1.0.0.32, R7

nvd

CVE-2017-18845HIGHCVSS 7.8fixed in 1.1.0.382020-04-20

CVE-2017-18845 [HIGH] CWE-522 CVE-2017-18845: Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700 Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38 and R6800 before 1.1.0.38.

nvd

CVE-2017-18841MEDIUMCVSS 6.7fixed in 1.1.0.382020-04-20

CVE-2017-18841 [MEDIUM] CWE-74 CVE-2017-18841: Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.46, R6700 Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.46, R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, WNDR3700v5 before 1.1.0.46, and D7000 before 1.0.1.50.

nvd

← Previous7 / 9Next →