Xr1000

This hub aggregates every CVE we track for Xr1000, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Xr1000.

• CVE-2026-0418Certain NETGEAR devices allow administrators to tamper with system4.5Jun 9, 2026
• CVE-2026-0417Insufficient input validation in certain NETGEAR routers4.5Jun 9, 2026
• CVE-2026-9210Certain NETGEAR routers allow authenticated administrators to gain unintended control of the router4.5Jun 9, 2026
• CVE-2026-9213Insufficient input validation in certain NETGEAR routers8.1Jun 9, 2026
• CVE-2026-0410Insufficient input validation in certain NETGEAR routers4.5Jun 9, 2026
• CVE-2025-25246NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users.8.1Feb 5, 2025
• CVE-2024-35517Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter.8.4Oct 11, 2024
• BDU:2024-05871Уязвимость микропрограммного обеспечения Wi-Fi роутеров NETGEAR XR1000, связанная с недостатками контроля доступа, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации7.1Jul 31, 2024
• BDU:2024-05876Уязвимость микропрограммного обеспечения Wi-Fi роутеров NETGEAR XR1000, связанная с недостатками процедуры аутентификации, позволяющая нарушителю обойти существующие ограничения безопасности7.8Jul 31, 2024
• BDU:2022-04392Уязвимость микропрограммного обеспечения Wi-Fi роутеров RAXE500, RAXE450, XR1000, MK83, MK62, R6400v2, R7850, R6700v3, R7000P, R6900P, R8000, RS400, XR300, DC112A, R6400, WNDR3400v3, R7000, MR60, MR80, MS60, MS80, вызванная переполнением буфера на основе стека, позволяющая нарушителю выполнить произвольный код8.1Jul 15, 2022
• CVE-2021-34870This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit...6.5Jan 25, 2022
• CVE-2021-45510NETGEAR XR1000 devices before 1.0.0.58 are affected by authentication bypass.8.2Dec 26, 2021
• CVE-2021-45513NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.9.6Dec 26, 2021
• CVE-2021-45514NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated attacker.9.6Dec 26, 2021
• CVE-2021-45517NETGEAR XR1000 devices before 1.0.0.58 are affected by denial of service.6.5Dec 26, 2021