Ex6120 firmware

This hub aggregates every CVE we track for Ex6120 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Ex6120 firmware.

• CVE-2026-0418Certain NETGEAR devices allow administrators to tamper with system4.5Jun 9, 2026
• CVE-2026-9210Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router4.5Jun 9, 2026
• CVE-2025-4140Netgear EX6120 sub_30394 buffer overflow8.8Apr 30, 2025
• CVE-2025-4139Netgear EX6120 fwAcosCgiInbound buffer overflow8.8Apr 30, 2025
• CVE-2024-35518Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter.8.4Oct 14, 2024
• CVE-2024-35519Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.8.4Oct 14, 2024
• CVE-2021-34983NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability6.5May 7, 2024
• CVE-2021-34982NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability8.8May 7, 2024
• CVE-2022-27643This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this...8.8Mar 29, 2023
• CVE-2021-45512Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62, D8500 before 1.0.3.50, EX3700 before 1.0.0.84, EX3800 before 1.0.0.84, EX6120 before 1.0.0.54, EX613...8.6Dec 26, 2021
• CVE-2021-45526Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120 before 1.0.0.48, EX6130 before 1.0.0.30, R6300v2 before 1.0.4.52, R64...7.3Dec 26, 2021
• CVE-2021-45533Certain NETGEAR devices are affected by command injection by an authenticated user. This affects EX6120 before 1.0.0.66, EX6130 before 1.0.0.46, EX7000 before 1.0.1.106, EX7500 before 1.0.1.76, EX3...8.4Dec 26, 2021
• CVE-2021-45621Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.24, CBR750 before 3.2.18.2, EAX20 before 1.0.0.58, EAX80 before 1.0.1.68, E...9.6Dec 26, 2021
• CVE-2021-45639Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 befor...5.2Dec 26, 2021
• CVE-2021-45640Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, D6200 before 1.1.00.34, D6220 before 1.0.0.52, D6400...3.9Dec 26, 2021