CVE-2024-51020

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the apn parameter at usbISPdetailedit.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51017

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tpusernetmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51022

Netgear XR300 v1.0.3.78 was discovered to contain a stack overflow via the ssid parameter in bridgewirelessmain.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2023-50677

An issue in NETGEAR-DGND4000 v.1.1.00.151.00.15 allows a remote attacker to escalate privileges via the nextfile parameter to the /setup.cgi component...

CVE-2023-48725

A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. A specially crafted HTTP request can lead to code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2023-39550

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the checkauth function...

CVE-2023-38926

Netgear EX6200 v1.0.3.94 was discovered to contain a buffer overflow via the wlatempssid parameter at acosNvramConfigset...

CVE-2023-38928

Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usbremoteinvite.cgi...

CVE-2023-38921

Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgradehandler function via the firmwareRestore and firmwareServerip parameters...

CVE-2023-38922

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the updateauth function...

CVE-2023-38412

Netgear R6900P v1.3.3.154 was discovered to contain multiple buffer overflows via the wlassid and wlgssid parameters at iaapsetting.cgi...

CVE-2023-36499

Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wlassid and wlgssid parameters at genieapwifichange.cgi...

CVE-2023-34563

netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication...

CVE-2023-28338

Any request send to a Netgear Nighthawk Wifi6 Router RAX30's web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting ...

CVE-2023-28337

When uploading a firmware image to a Netgear Nighthawk Wifi6 Router RAX30, a hidden “forceFWUpdate” parameter may be provided to force the upgrade to complete and bypass certain validation checks. End users can use this to upload modified, unofficial, and potentially malicious firmware to the...

CVE-2023-27851

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that unintentionally allows users with upload permissions to execute arbitrary code on the device...

CVE-2023-27852

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device...

CVE-2023-27850

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device...

CVE-2023-27853

NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a format string vulnerability in a SOAP service that could allow an attacker to execute arbitrary code on the device...

CVE-2023-38591

Netgear DG834Gv5 1.6.01.34 was discovered to contain multiple buffer overflows via the wlassid and wlatempssid parameters at bswssid.cgi...