• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

mr1100_firmware

CVE-2019-20679

February 26, 2023 by

NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level.

CVE-2019-20638

February 26, 2023 by

NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials.

CVE-2019-20649

February 26, 2023 by

NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.

CVE-2019-14526

February 26, 2023 by

An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entirely bypasses the intended security benefits of the use of a CSRF-protection token.

CVE-2019-14527

February 26, 2023 by

An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03. System commands can be executed, via the web interface, after authentication.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE