Genie Security Vulnerabilities

CVE-2024-4701

A path traversal issue potentially leading to remote code execution in Genie for all versions prior to...

CVE-2011-3808

The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svn_integration/config.inc.php and certain other...

CVE-2021-20172

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be.....

CVE-2021-24674

The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF...

CVE-2016-11058

The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session...

CVE-2013-1760

The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection...

CVE-2014-5604

The Akinator the Genie FREE (aka com.digidust.elokence.akinator.freemium) application 2.46 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...