U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/h:netgear:wnr3500l:-
There are 4 matching records.
Displaying matches 1 through 4.
Vuln ID Summary CVSS Severity
CVE-2013-3516

NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens.

Published: November 13, 2019; 3:15:10 PM -0500 		V3.1: 6.5 MEDIUM
 V2.0: 4.3 MEDIUM
CVE-2013-3517

Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.

Published: November 13, 2019; 2:15:11 PM -0500 		V3.1: 5.4 MEDIUM
 V2.0: 3.5 LOW
CVE-2013-4657

Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service.

Published: November 13, 2019; 1:15:10 PM -0500 		V3.1: 9.8 CRITICAL
 V2.0: 10.0 HIGH
CVE-2019-17372

Certain NETGEAR devices allow remote attackers to disable all authentication requirements by visiting genieDisableLanChanged.cgi. The attacker can then, for example, visit MNU_accessPassword_recovered.html to obtain a valid new admin password. This affects AC1450, D8500, DC112A, JNDR3000, LG2200D, R4500, R6200, R6200V2, R6250, R6300, R6300v2, R6400, R6700, R6900P, R6900, R7000P, R7000, R7100LG, R7300, R7900, R8000, R8300, R8500, WGR614v10, WN2500RPv2, WNDR3400v2, WNDR3700v3, WNDR4000, WNDR4500, WNDR4500v2, WNR1000, WNR1000v3, WNR3500L, and WNR3500L.

Published: October 09, 2019; 9:15:16 AM -0400 		V3.1: 8.1 HIGH
 V2.0: 4.3 MEDIUM