52 matches found
CVE-2021-27239
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...
EUVD-2021-24972
Malware in sbrugna...
EUVD-2021-24973
Malware in sbrugna...
EUVD-2021-32421
Malicious code in bioql PyPI...
CVE-2021-38522
NETGEAR R6400 devices before 1.0.1.52 are affected by a stack-based buffer overflow by an authenticated user...
CVE-2021-45655
NETGEAR R6400 devices before 1.0.1.70 are affected by server-side injection...
CVE-2021-38523
NETGEAR R6400 devices before 1.0.1.70 are affected by a stack-based buffer overflow by an authenticated user...
CVE-2024-52025
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-52023
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-52013
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptpuserip parameter at wizpptp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-51021
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
CVE-2024-51011
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-51010
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in the component apmode.cgi via the apmodegateway parameter. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...
PT-2024-8260 · NetGear · Netgear R6400V2 +2
Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to a buffer overflow in the bsw pppoe.cgi script of Netgear router firmware, specifically when handling the...
PT-2024-8273 · NetGear · Netgear R6400 +3
Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to a buffer overflow in the wiz pptp.cgi script of Netgear router firmware,...
PT-2024-8361 · NetGear · Netgear Xr300 +3
Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to a stack overflow in the pptp.cgi script of Netgear routers, specifically...
PT-2024-8270 · NetGear · Netgear R6400 +3
Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to multiple stack overflow vulnerabilities in the wlg adv.cgi component of...
PT-2024-8271 · NetGear · Netgear R6400 +3
Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to a stack overflow vulnerability in the genie pptp.cgi script of Netgear...
NETGEAR XR300、R7000P和R6400 安全漏洞
The NETGEAR R6400 and others are a wireless router from NETGEAR, Inc. A security vulnerability exists in NETGEAR XR300 version v1.0.3.78, R7000P version v1.3.3.154, and R6400 v2 version 1.0.4.128, which stems from a buffer overflow vulnerability contained in the pppoelocalip parameter in the...
CVE-2024-52016
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component wlgadv.cgi via the apmodedns1pri and apmodedns1sec parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS vi...