CVE-2025-44650

In Netgear R7000 V1.3.1.6410.1.36 and EAX80 V1.0.1.701.0.2, the USERLIMITGLOBAL option is set to 0 in the bftpd.conf configuration file. This can cause DoS attacks when unlimited users are connected...

PT-2025-30289 · NetGear · Netgear R7000 +1

Name of the Vulnerable Software and Affected Versions: Netgear R7000 version 1.3.1.64 10.1.36 Netgear EAX80 version 1.0.1.70 1.0.2 Description: The USERLIMIT GLOBAL option is set to 0 in the bftpd.conf configuration file, potentially leading to Denial-of-Service DoS attacks when an unlimited numb...

CVE-2025-44650

The CVE-2025-44650 entry concerns Netgear R7000 (v1.3.1.64 10.1.36) and Netgear EAX80 (v1.0.1.70 1.0.2). Root cause is the USERLIMIT_GLOBAL setting being 0 in bftpd.conf, which can permit a Denial-of-Service when unlimited users connect. Concrete details are provided in connected sources (e.g., P...

CVE-2021-45667

Certain NETGEAR devices are affected by stored XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.48, EAX80 before 1.0.1.64, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7500 before 1.0.0.72, R7960P before 1.4.1.66, RAX200 before 1.0.3.106, RBS40V before 2.6.1.4, RBW30 before 2.6.1....