Lucene search
K

24 matches found

VulnCheck KEV
VulnCheck KEV
added 2022/03/25 12:0 a.m.6 views

VulnCheck KEV: CVE-2016-10174

The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution...

10CVSS7.8AI score0.8345EPSS
Exploits6References1
CNVD
CNVD
added 2021/05/10 12:0 a.m.3 views

NETGEAR WNR2000v5 Router Has Weak Password Vulnerability

The NETGEAR WNR2000v5 router is a wireless router device. A weak password vulnerability exists in the NETGEAR WNR2000v5 router, which can be exploited by an attacker to compromise the device, obtain sensitive information, and perform unauthorized operations...

7AI score
Exploits0
OSV
OSV
added 2021/03/23 7:15 a.m.4 views

CVE-2021-29069

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76...

8.4CVSS7.3AI score0.00462EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.7 views

多款Netgear产品命令注入漏洞

Netgear NETGEAR XR500 and others are products of Netgear, Inc.NETGEAR XR500 is a wireless router.NETGEAR WNR2000v5 is a router.NETGEAR XR450 is a router. A command injection vulnerability exists in multiple NETGEAR models that allows command injection by an authenticated user. The following...

8.4CVSS7.8AI score0.00462EPSS
Exploits0References2
OSV
OSV
added 2020/04/28 3:15 p.m.4 views

CVE-2018-21188

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.30, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3...

6.8CVSS6.2AI score0.00568EPSS
Exploits0References1
OSV
OSV
added 2020/04/27 9:15 p.m.5 views

CVE-2018-21179

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, D7800 before 1.0.1.30, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before...

6.8CVSS6.2AI score0.00568EPSS
Exploits0References1
OSV
OSV
added 2020/04/27 6:15 p.m.4 views

CVE-2018-21155

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.52, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.4.2, R9000 before 1.0.3.16, WNDR4300 before 1.0.2.98, WNDR4300v2 before...

6.1CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2020/04/27 6:15 p.m.5 views

CVE-2018-21172

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62...

6.8CVSS6.2AI score0.00568EPSS
Exploits0References1
OSV
OSV
added 2020/04/22 3:15 p.m.5 views

CVE-2018-21111

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.60, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300 before...

6.8CVSS6.2AI score0.00568EPSS
Exploits0References1
OSV
OSV
added 2020/04/16 7:15 p.m.5 views

CVE-2019-20725

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before...

6.8CVSS7AI score0.00554EPSS
Exploits0References1
Talos
Talos
added 2019/09/09 12:0 a.m.67 views

NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd service crashing. An...

7.5CVSS7.5AI score0.02014EPSS
Exploits1
VulnCheck KEV
VulnCheck KEV
added 2017/09/13 12:0 a.m.4 views

VulnCheck KEV: CVE-2016-10176

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server uhttpd and processed accordingly. The web server also contains another URL, applynoauth.cgi,...

9.8CVSS7.3AI score0.77426EPSS
Exploits3References1
0day.today
0day.today
added 2017/03/25 12:0 a.m.65 views

NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow Exploit

Exploit for hardware platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'time' class MetasploitModule 'NETGEAR WNR2000v5 Unauthenticated hiddenlangavi Stack...

10CVSS9.2AI score0.8345EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/03/24 12:0 a.m.93 views

Netgear WNR2000v5 - 'hidden_lang_avi' Remote Stack Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'time' class MetasploitModule 'NETGEAR WNR2000v5 Unauthenticated hiddenlangavi Stack Overflow', 'Description' = %q The NETGEAR WNR2000 router h...

10CVSS7.4AI score0.8345EPSS
Exploits6
Packet Storm
Packet Storm
added 2017/03/24 12:0 a.m.70 views

NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'time' class MetasploitModule 'NETGEAR WNR2000v5 Unauthenticated hiddenlangavi Stack Overflow', 'Description' = %q The NETGEAR WNR2000 router h...

0.6AI score0.8345EPSS
Exploits6
CNVD
CNVD
added 2017/02/06 12:0 a.m.5 views

NETGEAR WNR2000v5 router hidden_lang_avi buffer overflow vulnerability

The NETGEAR WNR2000v5 router is a popular router device. A buffer overflow vulnerability exists in the NETGEAR WNR2000v5 router's handling of hiddenlangavi, which allows remote attackers to exploit the vulnerability to submit a special request, execute arbitrary code, or crash the application...

10CVSS7.8AI score0.8345EPSS
Exploits6References1
CNVD
CNVD
added 2017/02/06 12:0 a.m.4 views

NETGEAR WNR2000v5 router authentication bypass vulnerability

The NETGEAR WNR2000v5 router is a popular router device. An authentication bypass vulnerability exists in the NETGEAR WNR2000v5 router. An attacker can use this vulnerability to bypass the authentication mechanism and perform unauthorized operations...

9.8CVSS7.1AI score0.77426EPSS
Exploits3References1
CNVD
CNVD
added 2017/02/06 12:0 a.m.3 views

NETGEAR WNR2000v5 router information disclosure vulnerability

The NETGEAR WNR2000v5 router is a popular router device. A security vulnerability in the NETGEAR WNR2000v5 router allows remote attackers to exploit the vulnerability by submitting a special /BRSnetgearsuccess.html URI request, which can be used to obtain administrator username and password...

9.8CVSS7AI score0.64741EPSS
Exploits3References1
OSV
OSV
added 2017/01/30 4:59 a.m.4 views

CVE-2016-10175

The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRSnetgearsuccess.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows resetting the answers t...

9.8CVSS5.8AI score0.64741EPSS
Exploits3References5
Prion
Prion
added 2017/01/30 4:59 a.m.17 views

Remote code execution

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server uhttpd and processed accordingly. The web server also contains another URL, applynoauth.cgi, that...

7.5CVSS9.7AI score0.77426EPSS
Exploits3References5Affected Software1
Rows per page
Query Builder