R6850 firmware

This hub aggregates every CVE we track for R6850 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Networking Infrastructure

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

MEDIUM13HIGH8CRITICAL6

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting R6850 firmware.

CVE-2025-12942Improper input validation in NETGEAR R6260 and R68507.5Nov 11, 2025
CVE-2024-30572Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntp_server parameter.8.0Apr 3, 2024
CVE-2024-30570An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.5.3Apr 3, 2024
CVE-2024-30571An information leak in the BRS_top.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.7.5Apr 3, 2024
CVE-2024-30568Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter.9.8Apr 3, 2024
CVE-2024-30569An information leak in currentsetting.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required.7.5Apr 3, 2024
CVE-2021-34865This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. Th...8.8Jan 25, 2022
CVE-2021-45501Certain NETGEAR devices are affected by authentication bypass. This affects AC2400 before 1.1.0.84, AC2600 before 1.1.0.84, D7000 before 1.0.1.82, R6020 before 1.0.0.52, R6080 before 1.0.0.52, R612...9.4Dec 26, 2021
CVE-2021-45511Certain NETGEAR devices are affected by authentication bypass. This affects AC2100 before 2021-08-27, AC2400 before 2021-08-27, AC2600 before 2021-08-27, D7000 before 2021-08-27, R6220 before 2021-...6.8Dec 26, 2021
CVE-2021-45534Certain NETGEAR devices are affected by command injection by an authenticated user. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before 1.2.0.88, D7000 before 1.0.1.82, R6220...7.8Dec 26, 2021
CVE-2021-45644Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.88, AC2400 before 1.2.0.88, AC2600 before 1.2.0.88, R6220 before 1.1.0.110, R6...6.8Dec 26, 2021
CVE-2021-45647Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120 before 1.0.0.76, R6220 before 1.1.0.110, R6230 before...6.5Dec 26, 2021
CVE-2021-45672Certain NETGEAR devices are affected by Stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.76, R6220 before 1.1...4.2Dec 26, 2021
CVE-2021-45675Certain NETGEAR devices are affected by stored XSS. This affects R6120 before 1.0.0.76, R6260 before 1.1.0.78, R6850 before 1.1.0.78, R6350 before 1.1.0.78, R6330 before 1.1.0.78, R6800 before 1.2....5.8Dec 26, 2021
CVE-2021-38516Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D850...10.0Aug 11, 2021

Product normalization is registry-driven with AI assist and human review. How it works