114 matches found
CVE-2026-0404
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
CVE-2026-0403
An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections...
CVE-2026-0404 Insufficient input validation in NETGEAR Orbi routers
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
CVE-2026-0404 Insufficient input validation in NETGEAR Orbi routers
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
CVE-2026-0405 Authentication Bypass in NETGEAR Orbi Devices
An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin...
CVE-2026-0405 Authentication Bypass in NETGEAR Orbi Devices
An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin...
CVE-2026-0405
CVE-2026-0405 affects NETGEAR Orbi devices: an authentication bypass allows users on the local network to access the router web interface with admin privileges. Exploitation requires local network access (attack vector: adjacent, low complexity, no user interaction). Impact per metrics is HIGH fo...
CVE-2026-0403 Insufficient input validation in NETGEAR Orbi routers
An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections...
CVE-2026-0403
The CVE-2026-0403 entry concerns NETGEAR Orbi routers with an insufficient input validation vulnerability that enables OS command injections when an attacker is connected to the LAN. Affected component is the router software; the root cause is input validation weakness. Documented impact indicate...
CVE-2026-0403 Insufficient input validation in NETGEAR Orbi routers
An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections...
PT-2026-2626
CVE-2026-0403 An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections. https://t.co/RZjGc6Wp0E...
PT-2026-2628
Name of the Vulnerable Software and Affected Versions NETGEAR Orbi affected versions not specified Description A flaw exists that allows users on the local network to gain administrative access to the router web interface without proper authentication. This bypass enables unauthorized access to...
PT-2026-2627
An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...
NETGEAR Orbi 安全漏洞
NETGEAR Orbi is a distributed WiFi system from NETGEAR. A security vulnerability exists in the NETGEAR Orbi that stems from insufficient input validation of the DHCPv6 feature, which could lead to OS command injection...
CVE-2023-49007
In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd...
CVE-2022-38458
A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information...
CVE-2022-38452
A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability...
CVE-2022-37337
A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
EUVD-2020-3901
Malware in sbrugna...
EUVD-2020-3900
Malware in sbrugna...