Netgear R8900 Firmware vulnerabilities

134 known vulnerabilities affecting netgear/r8900_firmware.

Total CVEs

134

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL10HIGH27MEDIUM97

Vulnerabilities

Page 4 of 7

CVE-2020-35792MEDIUMCVSS 6.8fixed in 1.0.5.22020-12-30

CVE-2020-35792 [MEDIUM] CWE-77 CVE-2020-35792: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R75 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7500v2 before 1.0.3.48, R8900 before 1.0.5.2, R9000 before 1.0.5.2, and R7800 before 1.0.2.68.

nvd

CVE-2020-35834MEDIUMCVSS 4.8fixed in 1.0.4.282020-12-30

CVE-2020-35834 [MEDIUM] CWE-79 CVE-2020-35834: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 befo Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

nvd

CVE-2020-35791MEDIUMCVSS 6.7fixed in 1.0.5.22020-12-30

CVE-2020-35791 [MEDIUM] CWE-77 CVE-2020-35791: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.68, R8900 before 1.0.5.2, and R9000 before 1.0.5.2.

nvd

CVE-2020-35814MEDIUMCVSS 4.8fixed in 1.0.4.282020-12-30

CVE-2020-35814 [MEDIUM] CWE-79 CVE-2020-35814: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 before 2.3.5.30, RBR50 befo

nvd

CVE-2020-35830MEDIUMCVSS 4.8fixed in 1.0.4.282020-12-30

CVE-2020-35830 [MEDIUM] CWE-79 CVE-2020-35830: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 befo Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 be

nvd

CVE-2020-35811MEDIUMCVSS 4.8fixed in 1.0.4.282020-12-30

CVE-2020-35811 [MEDIUM] CWE-79 CVE-2020-35811: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 befo Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK20 before 2.3.5.26, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK50 be

nvd

CVE-2020-35808MEDIUMCVSS 4.8fixed in 1.0.4.122020-12-30

CVE-2020-35808 [MEDIUM] CWE-79 CVE-2020-35808: Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.63, DM200 before 1.0.0.61, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WN3000RPv2 before 1.0.0.68, and WNR2000v5 before 1.0.0.66.

nvd

CVE-2020-35809MEDIUMCVSS 4.8fixed in 1.0.4.282020-12-30

CVE-2020-35809 [MEDIUM] CWE-79 CVE-2020-35809: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 befo Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

nvd

CVE-2020-26915MEDIUMCVSS 4.8fixed in 1.0.4.282020-10-09

CVE-2020-26915 [MEDIUM] CWE-79 CVE-2020-26915: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 befo Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.

nvd

CVE-2020-26913MEDIUMCVSS 6.8fixed in 1.0.4.262020-10-09

CVE-2020-26913 [MEDIUM] CWE-787 CVE-2020-26913: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before

nvd

CVE-2018-21153CRITICALCVSS 9.8fixed in 1.0.3.102020-04-27

CVE-2018-21153 [CRITICAL] CWE-120 CVE-2018-21153: Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.62, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7

nvd

CVE-2018-21155MEDIUMCVSS 6.1fixed in 1.0.4.22020-04-27

CVE-2018-21155 [MEDIUM] CWE-79 CVE-2018-21155: Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.52, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.4.2, R9000 before 1.0.3.16, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 befor

nvd

CVE-2018-21167MEDIUMCVSS 5.5fixed in 1.0.3.102020-04-27

CVE-2018-21167 [MEDIUM] CWE-79 CVE-2018-21167: Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.

nvd

CVE-2018-21152MEDIUMCVSS 6.8fixed in 1.0.3.102020-04-27

CVE-2018-21152 [MEDIUM] CWE-78 CVE-2018-21152: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54.

nvd

CVE-2018-21149MEDIUMCVSS 6.8fixed in 1.0.3.102020-04-27

CVE-2018-21149 [MEDIUM] CWE-787 CVE-2018-21149: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.0.54, WNDR4300v2 before 1.0.0.54

nvd

CVE-2018-21135HIGHCVSS 7.2fixed in 1.0.4.22020-04-23

CVE-2018-21135 [HIGH] CWE-787 CVE-2018-21135: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6700 before 1.0.1.48, R7500 before 1.0.0.124, R7800 before 1.0.2.58, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, and WNR2000v5-R2

nvd

CVE-2018-21142MEDIUMCVSS 4.9fixed in 1.0.3.102020-04-23

CVE-2018-21142 [MEDIUM] CVE-2018-21142: Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.

nvd

CVE-2018-21166MEDIUMCVSS 4.9fixed in 1.0.3.102020-04-23

CVE-2018-21166 [MEDIUM] CVE-2018-21166: Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.

nvd

CVE-2018-21165MEDIUMCVSS 4.9fixed in 1.0.3.102020-04-23

CVE-2018-21165 [MEDIUM] CVE-2018-21165: Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.

nvd

CVE-2018-21113HIGHCVSS 8.8fixed in 1.0.4.122020-04-22

CVE-2018-21113 [HIGH] CWE-74 CVE-2018-21113: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.42, R6100 before 1.0.1.28, R7500 before 1.0.0.130, R7500v2 before 1.0.3.36, R7800 before 1.0.2.52, R8900 before 1.0.4.12, R9000 before 1.0.4.12, WNDR3700v4 before 1.0.2.102, WNDR4300 before 1.0.2.104, WNDR4300

nvd

← Previous4 / 7Next →