11449 matches found
CVE-2025-12943
Improper certificate validation in firmware update logic in NETGEAR RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router and RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the...
CVE-2025-12942
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12940
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points. An user having access to the syslog server can read the logs containing these credentials. This issue affects...
CVE-2025-12944 Improper input validation in NETGEAR DGN2200v4
Improper input validation in NETGEAR DGN2200v4 N300 Wireless ADSL2+ Modem Router allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4 firmware 1.0.0.132 or later...
CVE-2025-12944
Summary : CVE-2025-12944 concerns NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) with improper input validation that may allow an attacker with direct network access to execute code on the device. The issue is associated with the DGN2200v4 firmware and is fixed in firmware version 1.0.0.13...
CVE-2025-12944 Improper input validation in NETGEAR DGN2200v4
Improper input validation in NETGEAR DGN2200v4 N300 Wireless ADSL2+ Modem Router allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4 firmware 1.0.0.132 or later...
CVE-2025-12943 Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300
Improper certificate validation in firmware update logic in NETGEAR RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router and RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the...
CVE-2025-12943
CVE-2025-12943 involves NETGEAR RAX30 and RAXE300 devices, where improper certificate validation in the firmware update logic lets an attacker who can intercept and modify traffic potentially execute arbitrary commands on the device. Affected products: NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400...
CVE-2025-12943 Improper certificate validation in firmware update logic in NETGEAR RAX30 and RAXE300
Improper certificate validation in firmware update logic in NETGEAR RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router and RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the...
CVE-2025-12942
CVE-2025-12942 affects NETGEAR R6260 and R6850 hardware: improper input validation allows unauthenticated LAN-connected attackers to perform MiTM attacks and gain control over the DNS Server, potentially enabling command execution. Affected versions are up to 1.1.0.86 for both models. According t...
CVE-2025-12942 Improper input validation in NETGEAR R6260 and R6850
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12942 Improper input validation in NETGEAR R6260 and R6850
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12940 Credentials recorded in logs in NETGEAR WAX610 and WAX610Y
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points. An user having access to the syslog server can read the logs containing these credentials. This issue affects...
CVE-2025-12940
CVE-2025-12940 affects NETGEAR WAX610 and WAX610Y access points. A configuration issue causes login credentials to be recorded in logs when a Syslog Server is configured, allowing an attacker with syslog access to read credentials. Impact: credential disclosure for devices running firmware prior ...
CVE-2025-12940 Credentials recorded in logs in NETGEAR WAX610 and WAX610Y
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR WAX610 and WAX610Y AX1800 Dual Band PoE Multi-Gig Insight Managed WiFi 6 Access Points. An user having access to the syslog server can read the logs containing these credentials. This issue affects...
PT-2025-46351
Name of the Vulnerable Software and Affected Versions NETGEAR WAX610 versions prior to 11.8.0.10 NETGEAR WAX610Y versions prior to 11.8.0.10 Description A configuration issue can lead to login credentials being inadvertently recorded in logs when a Syslog Server is configured. An attacker with...
PT-2025-46370
Name of the Vulnerable Software and Affected Versions NETGEAR R6260 versions through 1.1.0.86 NETGEAR R6850 versions through 1.1.0.86 Description A flaw exists in input validation within NETGEAR R6260 and R6850 devices. This allows unauthenticated attackers on the LAN to conduct Man-in-the-Middle...
NETGEAR DGN2200 安全漏洞
NETGEAR DGN2200 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN2200v4 that stems from improper input validation and could lead to the execution of arbitrary code...
NETGEAR RAX30和NETGEAR RAXE300 安全漏洞
NETGEAR RAX30 and NETGEAR RAXE300 are both products of NETGEAR, Inc.NETGEAR RAX30 is a dual-band wireless router.NETGEAR RAXE300 is a wireless router. A security vulnerability exists in the NETGEAR RAX30 and RAXE300 that stems from improper certificate validation in the firmware update logic, whi...
PT-2025-46371
Name of the Vulnerable Software and Affected Versions NETGEAR RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router versions prior to 1.0.14.108 NETGEAR RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router versions prior to 1.0.9.82 Description A flaw exists in the firmware update logic due to improper...