88 matches found
CVE-2020-10930
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue results from th...
CVE-2020-10927
The CVE-2020-10927 entry concerns NETGEAR R6700 routers (variant V1.0.4.84_10.0.58). A flaw in the encryption of firmware update images stems from an inappropriate encryption algorithm, enabling network-adjacent attackers to trigger code execution with root privileges. Authentication is not requi...
CVE-2020-10927
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the encryption of firmware update images. The issue...
CVE-2020-10926
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results fro...
CVE-2020-10925
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files vi...
CVE-2020-10923
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000. A...
CVE-2020-10924
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
(0Day) (Pwn2Own) NETGEAR R6700 check_ra Use of a Broken or Risky Cryptographic Algorithm Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the encryption of firmware update images. The issue results from the use...
(0Day) (Pwn2Own) NETGEAR R6700 check_ra Improper Certificate Validation Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via HTTPS. The issu...
(0Day) NETGEAR R6700 httpd strtblupgrade Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...
(0Day) NETGEAR R6700 httpd strtblupgrade Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...
(0Day) (Pwn2Own) NETGEAR R6700 check_ra Download of Code Without Integrity Check Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of...
(0Day) NETGEAR R6700 httpd Improper Access Control Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue results from the lack of proper...
(0Day) (Pwn2Own) NETGEAR R6700 UPnP NewBlockSiteName Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the UPnP...
(0Day) NETGEAR R6700 httpd Firmware Upload Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...
(0Day) (Pwn2Own) NETGEAR R6700 UPnP SOAPAction Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000. A crafted UPnP message...
NETGEAR R6700 and R6900 Cross-Site Scripting Vulnerability
The NETGEAR R6700 and NETGEAR R6900 are both a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR R6700 prior to version 1.0.1.36 and the R6900 prior to version 1.0.1.34, which stems from a lack of proper validation of client data by a web application and can...
Buffer Overflow Vulnerability in Multiple NETGEAR Products (CNVD-2020-25838)
NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products. The vulnerability originates when ...
Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2020-25844)
NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...
Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2020-25848)
NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...