Lucene search
K

269 matches found

Vulnrichment
Vulnrichment
added 2025/04/17 12:0 a.m.7 views

CVE-2025-29044

Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERYSTRING key value...

7.6AI score0.00938EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.7 views

The vulnerability of the SetDefaultConnectionService() function in Netgear WNR854T router software allows a hacker to induce a service failure.

The vulnerability of the SetDefaultConnectionService function in Netgear WNR854T router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure...

8.3CVSS5.9AI score0.00742EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/03/31 9:15 p.m.5 views

CVE-2024-54804

Netgear WNR854T 1.5.2 North America is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter wanhostname and forcing a reboot. This will result in command injection...

9.8CVSS5.8AI score0.01619EPSS
Exploits1References1
OSV
OSV
added 2025/02/18 3:15 p.m.6 views

CVE-2024-57046

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the the requested url, it will be recognized as passing the authentication...

8.8CVSS5.8AI score0.0206EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/18 12:0 a.m.14 views

CVE-2022-41545

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 and possibly others authenticates users via basic authentication, with an HTTP header containing a base64 value of the plaintext username and password. Because the web server also does not utilize transpor...

0.00288EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2025/02/17 12:0 a.m.282 views

Netgear C7800 Missing Transport Encryption

Netgear C7800 suffers from a man-in-the-middle vulnerability...

7.2AI score0.00288EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/02/05 2:47 p.m.20 views

CVE-2020-15635

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.8410.0.58 routers with firmware 1.0.4.8410.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the acsd service, which...

8.8CVSS7.2AI score0.02644EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/11 12:0 a.m.13 views

The vulnerability in the RMT_invite.cgi script of NETGEAR R7000 Wi-Fi routers allows a hacker to execute arbitrary commands.

The vulnerability in the RMTinvite.cgi script of NETGEAR R7000 Wi-Fi routers lies in the lack of data cleaning at the control level when processing the parameter devicename2. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

8.4CVSS5.8AI score0.09053EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.5 views

The vulnerability in the wireless.cgi script of Netgear XR300 router software allows a hacker to induce a service failure.

The vulnerability in the wireless.cgi script of Netgear XR300 router software lies in the copying of buffers without checking the size of the input data during the processing of the passphrase parameter. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a...

5.7CVSS5.5AI score0.00292EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.7 views

The vulnerability in the `usb_remote_smb_conf.cgi` script of NETGEAR R8500 router software allows a hacker to execute arbitrary commands.

The vulnerability in the usbremotesmbconf.cgi script of NETGEAR R8500 router microprogramming software lies in the lack of measures to neutralize special elements used in the operating system’s command when processing the sharename parameter. Exploiting this vulnerability allows a remote attacker...

8CVSS5.9AI score0.00793EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.5 views

The vulnerability in the ipv6_fix.cgi script of Netgear R8500 router software allows a attacker to trigger a service failure.

The vulnerability in the ipv6fix.cgi microprogram of Netgear R8500 routers stems from the copying of input buffers without checking their sizes during the processing of parameters ipv6wanipaddr, ipv6lanipaddr, ipv6wanlength, and ipv6lanlength. Exploiting this vulnerability allows a malicious acto...

5.7CVSS5.5AI score0.00299EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/19 12:0 a.m.9 views

The vulnerability in the geniepppoe.cgi script of Netgear’s router software models R7000P and R6400 v2 allows a hacker to cause a service failure.

The vulnerability in the geniepppoe.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 lies in the copying of buffers without checking the size of input data during the processing of the pppoelocalip parameter. Exploiting this vulnerability allows a malicious actor to cause...

5.7CVSS5.5AI score0.00299EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/19 12:0 a.m.8 views

The vulnerability in the bsw_pppoe.cgi script of Netgear’s router software models XR300, R7000P, and R6400 v2 allows a hacker to cause a service failure.

The vulnerability in the bswpppoe.cgi script of Netgear XR300, R7000P, and R6400 v2 routers stems from the copying of buffer data without checking the size of the input data during the processing of the pppoelocalip parameter. Exploiting this vulnerability allows a malicious actor to cause servic...

5.7CVSS5.7AI score0.00299EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/19 12:0 a.m.8 views

The vulnerability in the wizpppoe.cgi script of the microprogramming software for Netgear XR300, R7000P, and R6400 v2 allows a hacker to cause a service failure.

The vulnerability in the wizpppoe.cgi microprogramming software of Netgear XR300, R7000P, and R6400 v2 lies in the copying of buffers without checking the size of input data during the processing of the pppoelocalip parameter. Exploiting this vulnerability allows a malicious actor to cause servic...

5.7CVSS5.5AI score0.00299EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/19 12:0 a.m.8 views

The vulnerability in the wlg_adv.cgi script of Netgear router microprogramming devices such as R8500, XR300, R7000P, and R6400 v2 allows a hacker to execute arbitrary commands.

The vulnerability in the wlgadv.cgi script of Netgear router microprogramming devices such as R8500, XR300, R7000P, and R6400 v2 relates to the failure to take data cleaning measures at the control level when processing the apmodegateway parameter. Exploiting this vulnerability allows a remote...

8CVSS5.9AI score0.00972EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/19 12:0 a.m.7 views

The vulnerability in the ru_wan_flow.cgi script of the Netgear R7000P router’s microprogramming software allows a hacker to induce a service failure.

The vulnerability in the ruwanflow.cgi microprogramming system of Netgear R7000P routers is related to the copying of buffers without checking the size of input data during the processing of the pptpusernetmask parameter. Exploiting this vulnerability allows a malicious actor to cause service...

5.7CVSS5.5AI score0.00292EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/05 3:15 p.m.4 views

CVE-2024-52028

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptpusernetmask parameter at wizpptp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

5.7CVSS5.8AI score0.00299EPSS
Exploits0References2
OSV
OSV
added 2024/11/05 3:15 p.m.3 views

CVE-2024-52030

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptpusernetmask parameter at ruwanflow.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References2
OSV
OSV
added 2024/11/05 3:15 p.m.4 views

CVE-2024-52019

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

8CVSS6AI score0.01584EPSS
Exploits0References2
OSV
OSV
added 2024/11/05 3:15 p.m.5 views

CVE-2024-51013

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the RADIUSAddr%dwla parameter at wireless.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

5.7CVSS5.8AI score0.00292EPSS
Exploits0References2
Rows per page
Query Builder