Don't forget Layer 2...
This isn't really anything to do with vulnerabilities, just a comment on Netgear's L2 switch issues.
Because I'm personally on a budget (Solved due to the donation of plenty of Cisco kit - thanks, Richard!), and work is definitely on a budget, I've been forced into useing Netgear switches (GS105/108/GS308E) at home and GS10x/GS724/FS728 at the SMB where I currently labour.
I have all sorts of 'beefs' with these blasted things..
* The GS105/108s lock up when subjected to (undiagnosed packets from) WinPE and the GS724/FS728 have individual ports that 'lock up' intermittently, so much so that one has a large-ish script ('Smart Managed' is not 'Properly Managed', you know) that spots locked up ports and down/ups them. MD/CEO is deaf to the "it's your bloody surface pro doing that" argument I present....
* The GS308E isn't manageable with a particular device attached... looks like the CPU is maxed out trying to make sense of something.
The other thing that pisses me off is that rather than change the model number like most people, they just change the *version* number ('Model X, Version Y'). I deliberately asked for a very specific thing to match some existing infrastructure (Version 4), and 'coz purchasing is done by Boss I got the cheapest one available....which was of course the way older V2 hardware that had been stuck in the supply chain for a while. Conversation was along these lines - Boss:"I can't return it , It's the same model", Me:"No it's not", followed by two unnecessary hours of effing about with upgrades and configuration to get them to even begin to 'play nicely' with each other.
Oh yeah - watch out for their implementation of 'Link Aggregation', either passive or active.
Thanks to Richard again for the donation of lots-of-ports-of Cisco gear for my home lab. Luxury in comparison!