Filtered by vendor Netgear
Subscriptions
Filtered by product Xr1000
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45513 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 9.6 Critical |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker. | ||||
| CVE-2021-45510 | 1 Netgear | 2 Xr1000, Xr1000 Firmware | 2024-11-21 | 8.2 High |
| NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass. | ||||
| CVE-2021-34870 | 1 Netgear | 1 Xr1000 | 2024-11-21 | 6.5 Medium |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue results from a lack of authentication required for a privileged request. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13325. | ||||