11953 matches found
CVE-2023-2393
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmzsetup.htm of the component Web Management Interface. The manipulation of the argument...
CVE-2023-2384
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. This vulnerability affects unknown code of the file scgi-bin/platform.cgi?page=dmzsetup.htm of the component Web Management Interface. The manipulation of the argument dhcp.SecDnsIPByte2 leads to cros...
CVE-2022-46424
An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or...
CVE-2022-31876
netgear wnap320 router WNAP320V2.0.3firmware is vulnerable to Incorrect Access Control via /recreate.php, which can leak all users cookies...
CVE-2022-4390
A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions...
CVE-2022-48322
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94...
CVE-2022-48176
Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R8000P before v1.4.4.94 were discovered to contain a pre-authentication stack overflow...
CVE-2022-46422
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service DoS via uploading a crafted firmware image during the firmware update process...
CVE-2022-29383
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi...
CVE-2022-46423
An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service...
CVE-2022-44184
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wandns1sec...
CVE-2022-44188
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enablebandsteering...
CVE-2022-44197
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...
CVE-2022-44193
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute...
CVE-2022-44196
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnpush1...
CVE-2022-44191
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2...
CVE-2022-44190
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enablebandsteering...
Netgear DGND3700 Information Disclosure Vulnerability
The Netgear DGND3700 is an integrated, multi-functional wireless router for home and small office environments. An information disclosure vulnerability exists in the Netgear DGND3700. The vulnerability originates from unknown code in the minihttp component file /currentsetting.htm. An attacker ca...
CVE-2022-44200
Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamodedns1pri and stamodedns1sec...
CVE-2022-44186
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wandns1pri...