147 matches found
CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers
A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...
CVE-2026-0413
The CVE-2026-0413 entry covers a buffer overflow caused by insufficient input validation in certain NETGEAR Nighthawk routers. Affected: NETGEAR Nighthawk models referenced in the entry (routers listed in the references). Vulnerable condition: buffers not properly validated, enabling an authentic...
CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2
An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...
CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2
An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...
CVE-2022-37234
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.13410.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy...
CVE-2021-27251
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a...
CVE-2019-12510
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API "/soap/serversa" by supplying a malicious X-Forwarded-For header of the device's LAN IP address 192.168.1.1 in every request. As a result, an attacker may...
CVE-2019-12511
In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...
CVE-2025-12946
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...
CVE-2025-12945
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...
CVE-2025-12946
CVE-2025-12946 affects NETGEAR Nighthawk routers and related models (RS700, RAX54Sv2, RAX41v2, RAX50, RAXE500, RAX41, RAX43, RAX35v2, RAXE450, RAX43v2, RAX42, RAX45, RAX50v2, MR90, MS90, RAX42v2, RAX49S). Root cause is improper input validation in the speedtest feature, enabling WAN-side attacker...
CVE-2025-12946 Improper input validation in NETGEAR Nighthawk routers
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...
CVE-2025-12946 Improper input validation in NETGEAR Nighthawk routers
A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...
CVE-2025-12945
The CVE-2025-12945 entry concerns NETGEAR Nighthawk R7000P routers with versions up to 1.3.3.154. The vulnerability is an OS command injection caused by improper input validation when accessed by an authenticated administrator. Impact is limited to the affected device where an admin could inject ...
CVE-2025-12945 Improper input validation in NETGEAR Nighthawk router R7000P
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...
NETGEAR Nighthawk 安全漏洞
NETGEAR Nighthawk is a series of wireless routers from NETGEAR. A security vulnerability exists in the NETGEAR Nighthawk R7000P 1.3.3.154 and prior versions, which stems from improper input validation and could lead to an authenticated administrator performing an OS command injection attack...
PT-2025-50105
Name of the Vulnerable Software and Affected Versions NETGEAR Nighthawk routers versions 1.0.7.82 and earlier NETGEAR RAX54Sv2 versions before V1.1.6.36 NETGEAR RAX41v2 versions before V1.1.6.36 NETGEAR RAX50 versions before V1.2.14.114 NETGEAR RAXE500 versions before V1.2.14.114 NETGEAR RAX41...
NETGEAR多款产品 安全漏洞
NETGEAR Nighthawk is a series of wireless routers from NETGEAR. A security vulnerability exists in various NETGEAR products that stems from improper input validation for the speedtest feature, which could allow an attacker to use man-in-the-middle techniques to manipulate DNS responses and execut...
EUVD-2019-4108
Malware in sbrugna...
EUVD-2021-14018
Malware in sbrugna...