Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2019-20679

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-20638

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-20649

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-14527

Disclosure Date: August 14, 2019 (last updated November 27, 2024)
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication.
0
0
Attacker Value
Unknown

CVE-2019-14526

Disclosure Date: August 14, 2019 (last updated November 27, 2024)
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token.
0
0