Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45588 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45590 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45589 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45591 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45592 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45513 1 Netgear 2 Xr1000, Xr1000 Firmware 2022-01-04 5.8 MEDIUM 9.6 CRITICAL
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.
CVE-2021-41610 2022-01-04 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-27339. Reason: This candidate is a reservation duplicate of CVE-2020-27339. Notes: All CVE users should reference CVE-2020-27339 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2021-27449 1 Mesalabs 1 Amegaview 2022-01-04 6.5 MEDIUM 8.8 HIGH
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
CVE-2021-45560 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45559 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-23772 2 Golang, Iris-go 2 Go, Iris 2022-01-04 6.8 MEDIUM 8.8 HIGH
This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.
CVE-2021-27447 1 Mesalabs 1 Amegaview 2022-01-04 7.5 HIGH 9.8 CRITICAL
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
CVE-2021-27451 1 Mesalabs 1 Amegaview 2022-01-04 7.5 HIGH 9.8 CRITICAL
Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generated by an easily reversible algorithm, which may allow an attacker to gain access to the device.
CVE-2021-27453 1 Mesalabs 1 Amegaview 2022-01-04 7.5 HIGH 9.8 CRITICAL
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication to the web application, which may allow an attacker to gain access.
CVE-2021-45561 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45570 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-45493 1 Netgear 6 Rax35, Rax35 Firmware, Rax38 and 3 more 2022-01-04 5.0 MEDIUM 7.5 HIGH
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102.
CVE-2021-44207 1 Acclaimsystems 1 Usaherds 2022-01-04 6.8 MEDIUM 8.1 HIGH
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
CVE-2021-45571 1 Netgear 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more 2022-01-04 5.2 MEDIUM 6.8 MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, and RBS850 before 3.2.16.6.
CVE-2021-4162 1 Archivy Project 1 Archivy 2022-01-04 4.3 MEDIUM 4.3 MEDIUM
archivy is vulnerable to Cross-Site Request Forgery (CSRF)