Gc108p Firmware Security Vulnerabilities and Issues — Gc108p Firmware CVE List

Lucene search

NetgearGc108p Firmware

3 matches found

CVE•added 2021/09/16 10:15 p.m.•58 views

CVE-2021-41314

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create (or overwrite) a file with specific content (e.g., the "2" string). This leads to admin session crafting a...

8.8CVSS9.1AI score0.03647EPSS

CVE•added 2021/09/13 8:15 a.m.•49 views

CVE-2021-40867

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in (e.g., behind the same NAT device, or already in possession of a foothold on an admin's...

7.8CVSS7AI score0.00119EPSS

CVE•added 2021/09/13 8:15 a.m.•40 views

CVE-2021-40866

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8....

9.8CVSS8.9AI score0.01428EPSS