EUVD-2013-7265

Malware in sbrugna...

CVE-2013-10060 Netgear Routers pppoe.cgi RCE

An authenticated OS command injection vulnerability exists in Netgear routers tested on the DGN2200B model firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoeusername parameter. Thi...

The vulnerability of the embedded software of NETGEAR routers such as GS108Tv2, GS110TPP, GS110TPv2, GS110TPv3, GS308T, GS310TP, GS724TPP, GS724TPv2, GS728TPPv2, GS728TPv2, GS752TPP, GS752TPv2, MS510TXM, and MS510TXUP arises from the lack of measures to sanitize input data. This allows a perpetrator to execute arbitrary commands.

The vulnerability of the embedded software of NETGEAR routers such as GS108Tv2, GS110TPP, GS110TPv2, GS110TPv3, GS308T, GS310TP, GS724TPP, GS724TPv2, GS728TPPv2, GS728TPv2, GS752TPP, GS752TPv2, MS510TXM, and MS510TXUP lies in the absence of measures for cleaning incoming data. Exploiting this...

The vulnerability of the embedded software of NETGEAR’s routers such as LAX20, MK62, MR60, MS60, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX75, RAX80, RS400, and XR1000 arises due to the lack of measures for cleaning input data. This allows a malicious actor to execute arbitrary commands.

The vulnerability of NETGEAR’s integrated router software, including models such as LAX20, MK62, MR60, MS60, R6400v2, R6700v3, R6900P, R7000, R7000P, R7850, R7900, R7900P, R7960P, R8000, R8000P, RAX15, RAX20, RAX200, RAX35v2, RAX40v2, RAX43, RAX45, RAX50, RAX75, RAX80, RS400, and XR1000, stems fr...

The vulnerability of the built-in software of NETGEAR routers such as R6400v2, R6700v3, R7000, R6900P, and R7000P lies in the lack of protection for service data, allowing attackers to exploit this to disclose protected information.

The vulnerability of the built-in software of NETGEAR routers such as R6400v2, R6700v3, R7000, R6900P, and R7000P lies in the lack of protection for service data. Exploiting this vulnerability can allow attackers to disclose the protected information...

The vulnerability of the embedded software of NETGEAR’s RAX200, MR60, RAX20, RAX45, RAX80, MS60, RAX15, RAX50, RAX75, RBR750, RBR850, RBS750, and RBK752 routers exists due to the lack of protective measures for the website structure. This vulnerability allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the embedded software of NETGEAR’s RAX200, MR60, RAX20, RAX45, RAX80, MS60, RAX15, RAX50, RAX75, RBR750, RBR850, RBS750, RBS850, RBK752, and RBK852 routers exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow a...

The vulnerability of NETGEAR CBR40, CBR750, RBK852, RBR850, and RBS850 Wi-Fi routers’ built-in software lies in the lack of measures to sanitize input data. This allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR CBR40, CBR750, RBK852, RBR850, and RBS850 Wi-Fi routers’ built-in software is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

The vulnerability of the built-in software of NETGEAR routers such as NETGEAR RBK852, NETGEAR RBK853, NETGEAR RBK842, NETGEAR RBR850, NETGEAR RBS850, NETGEAR RBR840, NETGEAR RBS840, NETGEAR RBK752, NETGEAR RBK753, NETGEAR RBK753S, NETGEAR RBR750, and NETGEAR RBS750 exists due to the failure to address the issue of eliminating specific components. This vulnerability allows attackers to inject arbitrary commands.

The vulnerability of the embedded software of NETGEAR routers such as NETGEAR RBK852, NETGEAR RBK853, NETGEAR RBK842, NETGEAR RBR850, NETGEAR RBS850, NETGEAR RBR840, NETGEAR RBS840, NETGEAR RBK752, NETGEAR RBK753, NETGEAR RBK753S, NETGEAR RBR750, and NETGEAR RBS750 exists due to the lack of...

Netgear Logging Vulnerability

Netgear logging vulnerability Introduction Tested Vulnerable Vendor Discussion PoC Stuff Introduction There is a problem in the way Netgear routers log outgoing HTTP connections which could lead to log corruption as well as dangerous character or script injection. Tested Vulnerable Model: RP114...