Ex6400 Firmware Security Vulnerabilities and Issues — Ex6400 Firmware CVE List

Lucene search

NetgearEx6400 Firmware

9 matches found

CVE•added 2021/03/05 8:15 p.m.•72 views

CVE-2021-27254

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apply_save.cgi endpoint. This issue results from the use of hard-coded encrypti...

8.8CVSS9AI score0.00084EPSS

CVE•added 2021/03/05 8:15 p.m.•68 views

CVE-2021-27255

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of...

8.8CVSS9AI score0.01665EPSS

CVE•added 2021/03/05 8:15 p.m.•67 views

CVE-2021-27256

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists wit...

8.8CVSS8.8AI score0.00557EPSS

CVE•added 2021/12/26 1:15 a.m.•48 views

CVE-2021-45548

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.128, EX6400 before 1.0.2.144, EX6400v2 before 1.0.0.128, EX6...

8.8CVSS8.8AI score0.00345EPSS

CVE•added 2021/04/14 4:15 p.m.•44 views

CVE-2021-27251

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a inse...

8.8CVSS8.8AI score0.00217EPSS

CVE•added 2020/04/23 4:15 p.m.•42 views

CVE-2017-18747

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6000 before 1.0.0.24, EX6130 before 1.0.0.16, EX6400 before 1.0.1.60, EX7000 before 1.0.0.50, EX7300 before 1.0.1.60, and WN2500RPv2 before 1.0.1.46.

8.8CVSS6.5AI score0.00064EPSS

CVE•added 2021/04/14 4:15 p.m.•40 views

CVE-2021-27253

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling...

8.8CVSS8.8AI score0.00545EPSS

CVE•added 2020/04/22 4:15 p.m.•39 views

CVE-2017-18768

Certain NETGEAR devices are affected by CSRF. This affects EX6100 before 1.0.2.16_1.1.130, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.54, EX6200v2 before 1.0.1.50, EX6400 before 1.0.1.60, EX7300 before 1.0.1.60, and WN3000RPv3 before 1.0.2.44.

8.8CVSS8.6AI score0.00263EPSS

CVE•added 2021/04/14 4:15 p.m.•36 views

CVE-2021-27252

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The iss...

8.8CVSS8.8AI score0.0041EPSS