PT-2025-29577 · NetGear · Netgear Xr300

Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.38 10.3.30 Description: A stack-based buffer overflow exists in the HTTPD service through the usb device.cgi endpoint. The issue occurs when processing POST requests containing the read access parameter...

CVE-2025-52080

In Netgear XR300 V1.0.3.3810.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usbdevice.cgi endpoint. The vulnerability occurs when processing POST requests containing the sharename parameter...

PT-2025-29576 · NetGear · Netgear Xr300

Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.38 10.3.30 Description: A stack-based buffer overflow exists in the HTTPD service through the usb device.cgi endpoint when processing POST requests containing the usb folder parameter. Recommendations: Update to a...

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is the entry-level Nighthawk Pro Gaming series wireless router from NETGEAR. The NETGEAR XR300 suffers from a stack buffer overflow vulnerability that stems from a stack buffer overflow in the HTTPD service when processing a POST request from the usbdevice.cgi endpoint, no detai...

CVE-2025-7407

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-7407

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-7407

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-7407 Netgear D6400 diag.cgi os command injection

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-7407

Netgear D6400 1.0.0.114 contains a remote OS command injection in the diag.cgi file, exploitable via manipulation of the host_name argument. This affects the Netgear D6400 router and is confirmed across multiple sources; exploitation is publicly disclosed and is possible remotely. The vendor note...

CVE-2025-7407 Netgear D6400 diag.cgi os command injection

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

NETGEAR D6400 安全漏洞

The Netgear D6400 is a wireless modem from NETGEAR. A remote command execution vulnerability exists in the Netgear D6400, which can be exploited by an attacker to execute arbitrary commands on the system...

PT-2025-29093 · NetGear · Netgear R6400

Name of the Vulnerable Software and Affected Versions: Netgear D6400 version 1.0.0.114 Description: A critical vulnerability exists in the diag.cgi file of the Netgear D6400. Manipulation of the host name argument can lead to os command injection. This issue is remotely exploitable. The exploit h...

NETGEAR WNCE3001 Buffer Overflow Vulnerability

The NETGEAR WNCE3001 is a dual-band wireless network adapter designed for smart TVs, Blu-ray players, and other devices that connect wirelessly via an Ethernet interface. The NETGEAR WNCE3001 suffers from a buffer overflow vulnerability that stems from the HTTP POST request handler mishandling th...

NETGEAR EX6150 sub_410090 function buffer overflow vulnerability

The NETGEAR EX6100 is a dual-band wireless extender that is primarily used to enhance the coverage of an existing WiFi network, and is especially suitable for large rooms or scenarios where there are signal blind spots. The NETGEAR EX6100 suffers from a buffer overflow vulnerability, which stems...

CVE-2025-6565

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function httpd of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-6510

A vulnerability was found in Netgear EX6100 1.0.2.281.1.138. It has been rated as critical. Affected by this issue is the function sub415EF8. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-6511

A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.461.0.76. This affects the function sub410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This...

The vulnerability of the sub_415EF8 function in Netgear EX6100 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of sub415EF8 in Netgear EX6100 router microprogramming software relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted GET request...

CVE-2025-6565

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function httpd of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...