CVE-2019-20739

NETGEAR R8500 devices before v1.0.2.128 are affected by a buffer overflow by an unauthenticated attacker...

CVE-2022-27945

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi...

CVE-2022-27946

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to adminaccount.cgi...

EUVD-2019-11278

Malware in sbrugna...

EUVD-2022-32434

Malicious code in bioql PyPI...

EUVD-2022-32433

Malicious code in bioql PyPI...

EUVD-2022-32435

Malicious code in bioql PyPI...

CVE-2024-52019

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-52021

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at bswfix.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-50993

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-50999

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-51001

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51009

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-51005

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sharename parameter at usbremotesmbconf.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-51003

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the component apmode.cgi via the apmodedns1pri and apmodedns1sec parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS vi...

CVE-2024-51000

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component wireless.cgi via the opmode, opmodean, and opmodean2 parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51004

Netgear R8500 v1.0.2.160 and R7000P v1.3.3.154 were discovered to multiple stack overflow vulnerabilities in the component usbdevice.cgi via the cifsuser, readaccess, and writeaccess parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-52020

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at wizfix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-50995

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sharename parameter at usbremotesmbconf.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-50994

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component ipv6fix.cgi via the ipv6wanipaddr, ipv6lanipaddr, ipv6wanlength, and ipv6lanlength parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST...