Lucene search

Wac104 Firmware Security Vulnerabilities

cve

CVE-2020-35788

NETGEAR WAC104 devices before 1.0.4.13 are affected by a buffer overflow by an authenticated user.

7.6CVSS

6.8AI Score

0.0004EPSS

2020-12-30 12:15 AM

cve

CVE-2021-35973

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the &currentsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. This directly allows the...

9.8CVSS

9.1AI Score

0.005EPSS

2021-06-30 03:15 PM

cve

CVE-2021-38532

NETGEAR WAC104 devices before 1.0.4.15 are affected by incorrect configuration of security settings.

7.2CVSS

7AI Score

0.001EPSS

2021-08-11 12:17 AM

cve

CVE-2021-44261

A vulnerability is in the 'BRS_top.html' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes firmware version information for the device.

5.3CVSS

5.2AI Score

0.002EPSS

2022-03-17 01:15 PM

cve

CVE-2021-44262

A vulnerability is in the 'MNU_top.htm' page of the Netgear W104, version WAC104-V1.0.4.13, which can allow a remote attacker to access this page without any authentication. When processed, it exposes some key information for the device.

7.5CVSS

7.3AI Score

0.003EPSS

2022-03-17 01:15 PM