148 matches found
Design/Logic Flaw
The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.6410.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs...
CVE-2020-28041
The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.6410.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs...
PT-2020-16904 · NetGear · Netgear Nighthawk R7000
Name of the Vulnerable Software and Affected Versions: NETGEAR Nighthawk R7000 version 1.0.9.64 10.2.64 Description: The issue allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a...
NETGEAR Nighthawk X10-R9000 Command Injection Vulnerability
The NETGEAR Nighthawk X10-R9000 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR Nighthawk X10-R9000 using firmware prior to version 1.0.4.26. The vulnerability stems from a network system or product not properly filtering specific elements of externally...
NETGEAR Nighthawk X10-R9000 Authentication Bypass Vulnerability
The NETGEAR Nighthawk X10-R9000 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR Nighthawk X10-R9000 using firmware versions prior to 1.0.4.26. An attacker could exploit the vulnerability to bypass authentication...
CVE-2019-12511
In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...
CVE-2019-12513
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...
CVE-2019-12513
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...
Cross site scripting
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanc...
CVE-2019-12513 Stored XSS via DHCP Discover Request Hostname
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...
CVE-2019-12511 Root Command Injection via MAC Address in SOAP API
In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...
CVE-2019-12510 Auth Bypass Via X-Forwarded-For Header in SOAP API
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API "/soap/serversa" by supplying a malicious X-Forwarded-For header of the device's LAN IP address 192.168.1.1 in every request. As a result, an attacker may...
The vulnerability of the CGI processor (wlg_adv.cgi) in Netgear Nighthawk’s embedded software allows a hacker to execute arbitrary commands.
The vulnerability of the CGI processor wlgadv.cgi in Netgear Nighthawk router’s embedded software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
NETGEAR Nighthawk M1 Cross-Site Request Forgery Vulnerability
The NETGEAR Nighthawk M1 is a portable wireless router from NETGEAR. A cross-site request forgery vulnerability exists in the NETGEAR Nighthawk M1 MR1100 versions prior to 12.06.03. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a...
NETGEAR Nighthawk M1 OS Command Injection Vulnerability
The NETGEAR Nighthawk M1 is a portable wireless router from NETGEAR. An operating system command injection vulnerability exists in the NETGEAR Nighthawk M1 MR1100 versions prior to 12.06.03. An attacker can exploit this vulnerability to execute system commands via the web interface...
CVE-2019-14526
An issue was discovered on NETGEAR Nighthawk M1 MR1100 devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entire...
CVE-2019-14527
An issue was discovered on NETGEAR Nighthawk M1 MR1100 devices before 12.06.03. System commands can be executed, via the web interface, after authentication...
CVE-2019-14526
An issue was discovered on NETGEAR Nighthawk M1 MR1100 devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entire...
Design/Logic Flaw
An issue was discovered on NETGEAR Nighthawk M1 MR1100 devices before 12.06.03. The web-interface Cross-Site Request Forgery token is stored in a dynamically generated JavaScript file, and therefore can be embedded in third party pages, and re-used against the Nighthawk web interface. This entire...
Breaking (Bad) Cross-Site Request Forgery Protection – The Netgear Nighthawk M1
What is CSRF? Cross-site Request Forgery CSRF is a descriptive term, but pretty oblique if you don’t know exactly what it means. Broken down, it’s pretty simple: A malicious web page running in your browser can send requests to other sites. When it sends those requests, it’ll use the current...