Netgear Srs60 Firmware vulnerabilities
11 known vulnerabilities affecting netgear/srs60_firmware.
Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2021-45645CRITICALCVSS 9.8fixed in 2.7.0.1222021-12-26
CVE-2021-45645 [HIGH] CVE-2021-45645: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects RBS50Y before 2.7.0.122, SRK60 before 2.7.0.122, SRR60 before 2.7.0.122, SRS60 before 2.7.0.122, SXK30 before 3.2.33.108, SXR30 before 3.2.33.108, SXS30 before 3.2.33.108, and SRC60 before 2.7.0.122.
nvd
CVE-2020-26920HIGHCVSS 8.8fixed in 2.5.3.1102020-10-09
CVE-2020-26920 [HIGH] CWE-77 CVE-2020-26920: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.3.110, SRR60 before 2.5.3.110, and SRS60 before 2.5.3.110.
nvd
CVE-2020-26913MEDIUMCVSS 6.8fixed in 2.2.2.202020-10-09
CVE-2020-26913 [MEDIUM] CWE-787 CVE-2020-26913: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.60, R8900 before 1.0.4.26, R9000 before 1.0.4.26, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK40 before
nvd
CVE-2020-14435HIGHCVSS 8.8fixed in 2.5.2.1042020-06-18
CVE-2020-14435 [HIGH] CWE-77 CVE-2020-14435: Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects SRK60 before 2.5.2.104, SRS60 before 2.5.2.104, SRR60 before 2.5.2.104, SRK60B03 before 2.5.2.104, SRK60B04 before 2.5.2.104, SRK60B05 before 2.5.2.104, and SRK60B06 before 2.5.2.104.
nvd
CVE-2020-11551HIGHCVSS 8.8v2.5.1.1062020-05-18
CVE-2020-11551 [HIGH] CWE-287 CVE-2020-11551: An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi configuration data such as authentication details
nvd
CVE-2020-11549HIGHCVSS 8.8v2.5.1.1062020-05-18
CVE-2020-11549 [HIGH] CWE-798 CVE-2020-11549: An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting CVE-2020-11551, it is possible to achieve remote code e
nvd
CVE-2020-11550MEDIUMCVSS 6.5v2.5.1.1062020-05-18
CVE-2020-11550 [MEDIUM] CVE-2020-11550: An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitrary Wi-Fi information, such as SSIDs and Pre-Shared-Keys
nvd
CVE-2018-21095MEDIUMCVSS 4.3fixed in 2.2.1.2102020-04-27
CVE-2018-21095 [MEDIUM] CWE-79 CVE-2018-21095: Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 be
Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210.
nvd
CVE-2019-20695HIGHCVSS 7.5fixed in 2.3.5.1062020-04-16
CVE-2019-20695 [HIGH] CVE-2019-20695: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 befo
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 before 2.3.5.106, SRR60 before 2.3.5.106, and SRS60 before 2.3.5.106.
nvd
CVE-2019-20747MEDIUMCVSS 6.8fixed in 2.2.0.642020-04-16
CVE-2019-20747 [MEDIUM] CWE-787 CVE-2019-20747: Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.40, R7500v2 before 1.0.3.34, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.3.16, RAX120 before 1.0.0.74, RBK20 before 2.3.0.22, RBR20 before 2.3.0.22, RBS20 before 2.3.0.22, RBK50 befo
nvd
CVE-2019-20717MEDIUMCVSS 6.5fixed in 2.2.1.2102020-04-16
CVE-2019-20717 [MEDIUM] CVE-2019-20717: Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000
Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D7800 before 1.0.1.44, EX2700 before 1.0.1.52, EX6200v2 before 1.0.1.74, EX8000 before 1.0.1.180, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR
nvd