Lucene search
+L

88 matches found

Cvelist
Cvelist
added 2020/07/28 5:10 p.m.26 views

CVE-2020-10930

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue results from th...

6.5CVSS6.2AI score0.00916EPSS
Exploits0References1
CVE
CVE
added 2020/07/28 5:10 p.m.64 views

CVE-2020-10927

The CVE-2020-10927 entry concerns NETGEAR R6700 routers (variant V1.0.4.84_10.0.58). A flaw in the encryption of firmware update images stems from an inappropriate encryption algorithm, enabling network-adjacent attackers to trigger code execution with root privileges. Authentication is not requi...

8.8CVSS8.7AI score0.00915EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/28 5:10 p.m.29 views

CVE-2020-10927

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the encryption of firmware update images. The issue...

7.5CVSS8.7AI score0.00915EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/28 5:10 p.m.21 views

CVE-2020-10926

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results fro...

7.5CVSS8.7AI score0.01222EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/28 5:10 p.m.32 views

CVE-2020-10925

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files vi...

7.5CVSS8.6AI score0.01431EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/07/28 12:0 a.m.58 views

CVE-2020-10923

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000. A...

8.8CVSS2.4AI score0.87343EPSS
In wildExploits2References2
ATTACKERKB
ATTACKERKB
added 2020/07/28 12:0 a.m.34 views

CVE-2020-10924

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

8.8CVSS2.7AI score0.87343EPSS
Exploits2References2
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.25 views

(0Day) (Pwn2Own) NETGEAR R6700 check_ra Use of a Broken or Risky Cryptographic Algorithm Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the encryption of firmware update images. The issue results from the use...

7.5CVSS4.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.23 views

(0Day) (Pwn2Own) NETGEAR R6700 check_ra Improper Certificate Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via HTTPS. The issu...

7.5CVSS3.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.26 views

(0Day) NETGEAR R6700 httpd strtblupgrade Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...

8.4CVSS2.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.44 views

(0Day) NETGEAR R6700 httpd strtblupgrade Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...

8.8CVSS3.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.25 views

(0Day) (Pwn2Own) NETGEAR R6700 check_ra Download of Code Without Integrity Check Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of...

7.5CVSS3.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.18 views

(0Day) NETGEAR R6700 httpd Improper Access Control Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue results from the lack of proper...

6.5CVSS0.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.101 views

(0Day) (Pwn2Own) NETGEAR R6700 UPnP NewBlockSiteName Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the UPnP...

8.8CVSS3.6AI score0.87343EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.58 views

(0Day) NETGEAR R6700 httpd Firmware Upload Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...

8.8CVSS7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/06/15 12:0 a.m.79 views

(0Day) (Pwn2Own) NETGEAR R6700 UPnP SOAPAction Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000. A crafted UPnP message...

6.5CVSS4.1AI score
Exploits0
CNVD
CNVD
added 2020/04/26 12:0 a.m.2 views

NETGEAR R6700 and R6900 Cross-Site Scripting Vulnerability

The NETGEAR R6700 and NETGEAR R6900 are both a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR R6700 prior to version 1.0.1.36 and the R6900 prior to version 1.0.1.34, which stems from a lack of proper validation of client data by a web application and can...

6.1CVSS6.4AI score0.00647EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/26 12:0 a.m.4 views

Buffer Overflow Vulnerability in Multiple NETGEAR Products (CNVD-2020-25838)

NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products. The vulnerability originates when ...

8.8CVSS7.3AI score0.00866EPSS
Exploits0
CNVD
CNVD
added 2020/04/26 12:0 a.m.5 views

Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2020-25844)

NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...

8.8CVSS7.5AI score0.00567EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/26 12:0 a.m.5 views

Buffer overflow vulnerability in multiple NETGEAR products (CNVD-2020-25848)

NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...

8.8CVSS7.5AI score0.00786EPSS
Exploits0References1
Rows per page
Query Builder