Xr500
This hub aggregates every CVE we track for Xr500, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
13
CVEs tracked
1
Critical
6
High
0
In CISA KEV
Severity distribution
HIGH6MEDIUM5LOW1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
2024-072026-06
Latest CVEs
The 13 most recently published vulnerabilities affecting Xr500.
- CVE-2026-9212Insufficient authentication and input validation in certain NETGEAR products8.0
- CVE-2025-25246NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users.8.1
- BDU:2023-00494Уязвимость встроенного программного обеспечения Wi-Fi роутеров NETGEAR XR450 и XR500, связанная с непринятием мер по чистке данных на управляющем уровне, позволяющая нарушителю выполнять произвольные команды7.0
- CVE-2021-45548Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.60, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX62...6.3
- CVE-2021-45550Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 be...6.6
- CVE-2021-45602Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.1...6.1
- CVE-2021-45603Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1...6.1
- CVE-2021-45618Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.64, EX6200v2 before 1.0.1.86, EX6250 before 1.0.0.134, EX7700 before 1.0.0....9.6
- CVE-2021-45623Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R7800 before 1.0.2.74, R9000 before 1.0.5.2, and XR500 before 2.3.2.66.8.3
- CVE-2021-45640Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400...3.9
- CVE-2021-45641Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400...4.6
- CVE-2021-45642Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.64, EX6250 before 1.0.0.134, EX7700 before 1.0.0.222, LBR20 before 2.6.3.50, RB...7.5
- CVE-2021-45658Certain NETGEAR devices are affected by server-side injection. This affects D7800 before 1.0.1.58, DM200 before 1.0.0.66, EX2700 before 1.0.1.56, EX6150v2 before 1.0.1.86, EX6100v2 before 1.0.1.86,...7.1
Product normalization is registry-driven with AI assist and human review. How it works