Netgear: Security Vulnerabilities
NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash).
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2020-01-28
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.
CVSS Score: 8.8 | EPSS Score: 0.691 | Published: 2020-01-09
An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN.
CVSS Score: 7.5 | EPSS Score: 0.02 | Published: 2019-11-14
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.
CVSS Score: 9.8 | EPSS Score: 0.016 | Published: 2019-11-14
A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.
CVSS Score: 9.8 | EPSS Score: 0.067 | Published: 2019-11-14
NETGEAR WNR3500U and WNR3500L routers use form tokens based solely on the router's current date and time, which allows attackers to guess the CSRF tokens.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2019-11-13
Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.
CVSS Score: 5.4 | EPSS Score: 0.003 | Published: 2019-11-13
Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2019-11-13
NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2019-10-16
NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2019-10-16