Netgear Wndap350 Firmware vulnerabilities
10 known vulnerabilities affecting netgear/wndap350_firmware.
Total CVEs
10
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL3HIGH5MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-18863HIGHCVSS 7.1fixed in 3.5.20.02020-04-28
CVE-2017-18863 [HIGH] CWE-74 CVE-2017-18863: Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 a
Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3.3 and earlier, WNAP210v2 3.5.20.0 and earlier, WNAP320 3.5.20.0 and earlier, WNDAP350 3.5.20.0 and earlier, WNDAP360 3.5.20.0 and earlier, WNDAP620 2.0.11 and earlier, WNDAP660 3.5.20.0 and earlier, WND930 2.0.11 and earlier, and WAC120 2.0.7 and earlier.
nvd
CVE-2018-21097CRITICALCVSS 9.8fixed in 3.7.11.42020-04-27
CVE-2018-21097 [CRITICAL] CWE-787 CVE-2018-21097: Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before
nvd
CVE-2018-21096HIGHCVSS 7.4fixed in 3.7.11.42020-04-27
CVE-2018-21096 [HIGH] CWE-352 CVE-2018-21096: Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.
Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1.5, and WN604 before 3.3.10.
nvd
CVE-2018-21094HIGHCVSS 7.3fixed in 3.7.11.42020-04-27
CVE-2018-21094 [HIGH] CVE-2018-21094: Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects W
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1.5, and WN604 before 3.3.
nvd
CVE-2018-21120HIGHCVSS 8.0fixed in 3.7.11.42020-04-22
CVE-2018-21120 [HIGH] CWE-352 CVE-2018-21120: Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.
Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1.5, and WN604 before 3.3.10.
nvd
CVE-2017-18805MEDIUMCVSS 6.7fixed in 3.7.4.02020-04-21
CVE-2017-18805 [MEDIUM] CWE-74 CVE-2017-18805: Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC1
Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC120 before 2.1.4, WNDAP620 before 2.1.3, WND930 before 2.1.2, WN604 before 3.3.7, WNDAP660 before 3.7.4.0, WNDAP350 before 3.7.4.0, WNAP320 before 3.7.4.0, WNAP210v2 before 3.7.4.0, and WNDAP360 before 3.7.4.0.
nvd
CVE-2017-18806MEDIUMCVSS 6.7fixed in 3.7.4.02020-04-21
CVE-2017-18806 [MEDIUM] CWE-74 CVE-2017-18806: Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC1
Certain NETGEAR devices are affected by command injection. This affects WAC510 before 1.3.0.10, WAC120 before 2.1.4, WNDAP620 before 2.1.3, WND930 before 2.1.2, WN604 before 3.3.7, WNDAP660 before 3.7.4.0, WNDAP350 before 3.7.4.0, WNAP320 before 3.7.4.0, WNAP210v2 before 3.7.4.0, and WNDAP360 before 3.7.4.0.
nvd
CVE-2016-1555CRITICALCVSS 9.8KEVPoC≤ 3.0.5.02017-04-21
CVE-2016-1555 [CRITICAL] CWE-77 CVE-2016-1555: (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardD
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
nvd
CVE-2016-1557CRITICALCVSS 9.8≤ 3.0.5.02017-04-21
CVE-2016-1557 [CRITICAL] CWE-200 CVE-2016-1557: Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative
Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.
nvd
CVE-2016-1556HIGHCVSS 7.5≤ 3.0.5.02017-04-21
CVE-2016-1556 [HIGH] CWE-200 CVE-2016-1556: Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 befor
Information disclosure in Netgear WN604 before 3.3.3; WNAP210, WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0; and WND930 before 2.0.11 allows remote attackers to read the wireless WPS PIN or passphrase by visiting unauthenticated webpages.
nvd