EUVD-2020-26782

Malware in sbrugna...

EUVD-2014-2991

Malware in sbrugna...

EUVD-2021-28022

Malicious code in bioql PyPI...

CVE-2020-5621

Cross-site request forgery CSRF vulnerability in NETGEAR switching hubs GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier allow remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified...

CVE-2021-40867

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in e.g., behind the same NAT device, or already in possession of a foothold on an admin'...

CVE-2021-41314

Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create or overwrite a file with specific content e.g., the "2" string. This leads to admin session crafting and...

CVE-2021-40867

Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of logging in e.g., behind the same NAT device, or already in possession of a foothold on an admin'...

CVE-2021-40866

Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the disabled by default /sqfs/bin/sccd daemon, which fails to check authentication when the authentication TLV is missing from a received NSDP packet. This affects GC108P before 1.0.8....

CVE-2020-35783

Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, GS116Ev2 before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and JGS524PE before 2.6.0.48. The NSDP protocol version allows unauthenticated remote attackers to obtain all the switc...

Access Control Error Vulnerability in Multiple Netgear Products

The Netgear NETGEAR JGS516PE and others are a switch from Netgear, Inc. An access control error vulnerability exists in several NETGEAR products and the following products and versions are affected: JGS516PE before 2.6.0.48, GS116Ev2 before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and JGS524PE before...

Injection Vulnerability in Multiple NETGEAR Products (CNVD-2020-30574)

NETGEAR FS752TP and so on are products of NETGEAR USA.NETGEAR FS752TP is a stackable smart switch.NETGEAR GS108T is an intelligent managed switch.NETGEAR M6100 is a fully managed switch. A security vulnerability exists in several NETGEAR products. The vulnerability can be exploited by an attacker...

[Nsdtool] Toolset of scripts used to detect netgear switches in local networks

Nsdtool is a toolset of scripts used to detect netgear switches in local networks. The tool contains some extra features like bruteforce and setting a new password. Netgear has its own protocol called NSDP Netgear Switch Discovery Protocol, which is implemented to support security tests on the...