Rax38 firmware

This hub aggregates every CVE we track for Rax38 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 8 most recently published vulnerabilities affecting Rax38 firmware.

• CVE-2026-0420Missing TLS certificate validation in NETGEAR's ReadyCloud client app5.9Jun 9, 2026
• CVE-2023-27358NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability8.8May 3, 2024
• CVE-2022-27642This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this ...8.8Mar 29, 2023
• CVE-2022-27647This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit...8.0Mar 29, 2023
• CVE-2022-27645This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The...8.8Mar 29, 2023
• CVE-2021-45493Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RAX35 before 1.0.4.102, RAX38 before 1.0.4.102, and RAX40 before 1.0.4.102.7.6Dec 26, 2021
• CVE-2021-41449A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, ...7.1Dec 9, 2021
• CVE-2021-38526Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX35 before 1.0.3.94, RAX38 before 1.0.3.94, and RAX40 before 1.0.3.94.4.3Aug 11, 2021