Netgear: >> Jnr1010 Firmware Security Vulnerabilities
NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-10-16
NETGEAR JNR1010 devices before 1.0.0.32 allow cgi-bin/webproc CSRF via the :InternetGatewayDevice.X_TWSZ-COM_URL_Filter.BlackList.1.URL parameter.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-10-16
NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS.
CVSS Score
6.1
EPSS Score
0.007
Published
2019-10-16
Page 4