18 matches found
CVE-2020-26931
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26931
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26931
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26922
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26923
Certain NETGEAR devices are affected by stored XSS. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26922
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26923
Certain NETGEAR devices are affected by stored XSS. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
Code injection
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
Cross site scripting
Certain NETGEAR devices are affected by stored XSS. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
Command injection
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26922
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24...
CVE-2020-26923
CVE-2020-26923 affects NETGEAR WC7500/WC7600/WC7600v2/WC9500 devices prior to version 6.5.5.24, where a stored cross-site scripting (XSS) vulnerability exists in the product’s web interface. The NVD entries list CVSS metrics: CVSSv3.1 base score 4.8 (MEDIUM) with NETWORK attack vector, LOW attack...
CVE-2020-26931
CVE-2020-26931 affects certain NETGEAR wireless controllers (WC7500, WC7600, WC7600v2, WC9500) where sensitive information disclosure is possible. The issue is described as disclosure of sensitive information on these devices prior to version 6.5.5.24; mitigation is to upgrade to 6.5.5.24 or late...
CVE-2018-11106
NETGEAR devices affected: WC7500, WC7520, WC7600v1, WC7600v2, and WC9500. Issue: pre-authentication command injection in request_handler.php. Root cause: improper handling in the PHP request handler allows arbitrary commands to be executed before authentication. Impact (as stated): high confident...
CVE-2016-11022
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to loginhandler.php...
Code injection
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to loginhandler.php...
CVE-2016-11022
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to loginhandler.php...
CVE-2016-11022
CVE-2016-11022 affects NETGEAR Prosafe WC9500 (v5.1.0.17), WC7600 (v5.1.0.17), and WC7520 (v2.5.0.35). A remote attacker can achieve code execution with root privileges by supplying shell metacharacters in the reqMethod parameter to login_handler.php. The entry explicitly describes remote code ex...