Lucene search
K

12051 matches found

Nuclei
Nuclei
added 7 hours ago66 views

NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure

NETGEAR DGN2200 / DGND3700 is susceptible to a vulnerability within the page 'BSWcxttongr.htm' which can allow a remote attacker to access this page without any authentication. The attacker can then use this password to gain administrator access of the targeted router's web interface. id:...

9.8CVSS7.1AI score0.27215EPSS
Exploits6References5
Nuclei
Nuclei
added 7 hours ago13 views

Netgear DGN2200 - Improper Authentication

A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits unauthorized individuals to bypass the authentication. When adding "?x=1.gif" to the requested url, it will be recognized as passing the authentication. id: CVE-2024-57046 info: name: Netgear DGN2200...

8.8CVSS7.1AI score0.0206EPSS
Exploits1References3
Nuclei
Nuclei
added 7 hours ago76 views

Netgear R6850 - Information Disclosure

Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the debuginfo.htm page. This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as product model name, WAN connection type, and...

5.3CVSS6.1AI score0.01231EPSS
Exploits1References2
Nuclei
Nuclei
added 7 hours ago24 views

Netgear R6850 - Information Disclosure

Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details,...

7.5CVSS6.1AI score0.01923EPSS
Exploits1References3
Nuclei
Nuclei
added 7 hours ago69 views

NETGEAR - Authentication Bypass

NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers are vulnerable to authentication bypass vulnerabilities which could allow network-adjacent attackers to bypass authentication on affected installations. id:...

8.8CVSS7AI score0.08656EPSS
Exploits0References5
Nuclei
Nuclei
added 7 hours ago132 views

Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun

Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloudcontrol.cgi CGI application is vulnerable to command injection in the name parameter. Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a...

8.8CVSS7AI score0.0853EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday103 views

Netgear-WN604 downloadFile.php - Information Disclosure

There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and password information of the wireless router, causing the router's background to be...

6.9CVSS6.2AI score0.45681EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday96 views

NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution

NETGEAR ProSAFE Plus before 2.6.0.43 is susceptible to unauthenticated remote code execution. Any HTML page is allowed as a valid endpoint to submit POST requests, allowing debug action via the submitId and debugCmd parameters. The problem is publicly exposed in the login.html webpage, which has ...

9.8CVSS7.4AI score0.57195EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday35 views

NETGEAR Routers - Authentication Bypass

NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server. id: CVE-2017-5521 info: name: NETGEAR Routers - Authentication Bypass...

8.1CVSS7.1AI score0.89294EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday99 views

NETGEAR ProSafe SSL VPN firmware - SQL Injection

NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. id: CVE-2022-29383 info: name: NETGEAR ProSafe SSL VPN firmware - SQL Injection author: elitebaz severity: critical description: |...

9.8CVSS6.8AI score0.48957EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday35 views

Netgear R6850 V1.1.0.88 - Command Injection

Netgear R6850 router firmware version V1.1.0.88 suffers from a command injection vulnerability in the pingtest functionality. An unauthenticated attacker can inject arbitrary system commands through the c4IPAddr parameter, resulting in remote code execution as root. id: CVE-2024-30568 info: name:...

9.8CVSS6.5AI score0.47197EPSS
Exploits1References3
Nuclei
Nuclei
added 3 days ago53 views

NETGEAR WNAP320 Access Point Firmware - Remote Command Injection

NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. id: CVE-2016-1555 info: name: NETGEAR WNAP320 Access Point Firmware - Remote Command Injection author: gy741 severity: critical...

10CVSS7.1AI score0.98325EPSS
Exploits5References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.41 views

NETGEAR Routers - Remote Code Execution

NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow...

9.3CVSS8.5AI score0.99781EPSS
Exploits9References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.170 views

NUUO NVR camera `debugging_center_utils_.php` - Command Execution

debuggingcenterutils.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbitrary PHP code via the log parameter. id: CVE-2016-5674 info: name: NUUO NVR camera debuggingcenterutils.p...

10CVSS9.1AI score0.9461EPSS
Exploits11References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.12 views

CVE-2026-9213

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper with traffic between the router and the Internet, to execute code on the device...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.11 views

CVE-2026-9210

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

7.1CVSS5.4AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.15 views

CVE-2026-9212

Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations...

8.3CVSS5.7AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.9 views

CVE-2026-0420

An improper implementation of TLS certificate validation vulnerability found in NETGEAR's ReadyCloud client app which could allow an attacker to perform attacker-in-the-middle MiTM style attacks impacting the product's confidentiality. This vulnerability affects the listed NETGEAR models...

8.2CVSS5.4AI score0.00135EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.9 views

CVE-2026-0419

Insufficient input validation in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows users connected to the local WiFi Networks to execute operating system commands. NETGEAR JR6150 has reached End-of-Support phase as of 2018 , and no further security updates are...

8CVSS5.6AI score0.00289EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.10 views

CVE-2026-0409

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

7.5CVSS5.5AI score0.00256EPSS
Exploits0References1
Rows per page
Query Builder