CVE-2024-51009

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at ether.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-50993

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-50999

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

NETGEAR R8500 安全漏洞

The NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates from the apmodegateway parameter in the apmode.cgi component containing a command injection...

NETGEAR R8500 安全漏洞

NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in NETGEAR R8500 version v1.0.2.160, which originates from the sysNewPasswd parameter in the password.cgi component containing a command injection vulnerability...

NETGEAR R7000P 安全漏洞

The NETGEAR R7000P is a wireless router from NETGEAR. A buffer overflow vulnerability exists in NETGEAR R7000P v1.3.3.154, which originates from the pptpusernetmask parameter in the wizpptp.cgi component that fails to correctly validate the length of the input data, and can be exploited by a remo...

NETGEAR R8500 安全漏洞

The NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates from the pptpuserip parameter in the bswpptp.cgi component contains a buffer overflow vulnerability...

PT-2024-8391 · NetGear · Netgear Xr300 +3

Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: A command injection issue was discovered in the ap mode.cgi component of Netgear routers,...

PT-2024-8545 · NetGear · Netgear R7000P

Name of the Vulnerable Software and Affected Versions: Netgear R7000P version 1.3.3.154 Description: The issue is related to a stack overflow in the pptp user netmask parameter at the "pptp.cgi" endpoint. This allows attackers to cause a Denial of Service DoS via a crafted POST request. The...

The vulnerability in the operating_mode.cgi script of NETGEAR’s router microprogramming devices EX6120, EX6100, and EX3700 allows a hacker to execute arbitrary commands.

The vulnerability of the operatingmode.cgi script in NETGEAR’s microprogrammed router devices, such as EX6120, EX6100, and EX3700, is related to the lack of measures taken to protect data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

NETGEAR R7000 安全漏洞

The NETGEAR R7000 is a wireless router from NETGEAR. The NETGEAR R7000 version 1.0.11.136 suffers from a command injection vulnerability that stems from the devicename2 parameter failing to correctly filter constructed command special characters, commands, and so on. An attacker could exploit thi...

NETGEAR DGN1000WW 安全漏洞

The NETGEAR DGN1000WW is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN1000WW, which can be exploited by an attacker to execute arbitrary code via a diagnostic page...

The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software, related to buffer overflow in the stack, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of NETGEAR R7000 Wi-Fi routers’ microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

PT-2024-41460 · NetGear · Netgear Xr1000

Уязвимость микропрограммного обеспечения Wi-Fi роутеров NETGEAR XR1000 связана с недостатками контроля доступа. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации...

CVE-2024-36792

An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 allows attackers to gain access to the router's pin...

Netgear WNR614 安全漏洞

The Netgear WNR614 is an N300 wireless router with external antenna from Netgear USA. The Netgear WNR614 has a security vulnerability that originates from storing credentials in plain text. No details of the vulnerability are provided at this time...

PT-2024-4146 · NetGear · Netgear Wnr614

Name of the Vulnerable Software and Affected Versions: Netgear WNR614 version 1.1.0.54 1.0.1 Description: The issue is related to weaknesses in the authentication procedure of the Netgear WNR614 N300 Wi-Fi router. This allows attackers to bypass authentication and access the administrative...

CVE-2024-36795

Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors...

CVE-2023-35722

NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...

CVE-2023-34285

NETGEAR RAX30 cmsCliauthenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The...