28 matches found
EUVD-2025-93461
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12942
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12942
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12942
CVE-2025-12942 affects NETGEAR R6260 and R6850 hardware: improper input validation allows unauthenticated LAN-connected attackers to perform MiTM attacks and gain control over the DNS Server, potentially enabling command execution. Affected versions are up to 1.1.0.86 for both models. According t...
CVE-2025-12942 Improper input validation in NETGEAR R6260 and R6850
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
CVE-2025-12942 Improper input validation in NETGEAR R6260 and R6850
Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...
PT-2025-46370
Name of the Vulnerable Software and Affected Versions NETGEAR R6260 versions through 1.1.0.86 NETGEAR R6850 versions through 1.1.0.86 Description A flaw exists in input validation within NETGEAR R6260 and R6850 devices. This allows unauthenticated attackers on the LAN to conduct Man-in-the-Middle...
NETGEAR R6260和NETGEAR R6850 安全漏洞
NETGEAR R6260 and NETGEAR R6850 are both products of NETGEAR, Inc.NETGEAR R6260 is a router. A hardware device that connects two or more networks and acts as a gateway between networks.The NETGEAR R6850 is a wireless router. A security vulnerability exists in the NETGEAR R6260 and NETGEAR R6850...
EUVD-2021-21627
Malware in sbrugna...
EUVD-2021-21625
Malware in sbrugna...
CVE-2021-34980
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. When parsing the SOAPLOGINTOKEN...
CVE-2021-34978
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. A crafted SOAP request can trigg...
CVE-2021-34979
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction...
The vulnerability of NETGEAR Wi-Fi router microprogramming systems, such as R6260, R6800, R6700v2, R6900v2, R7450, and AC2100, arises from the possibility of data writing beyond the buffer, allowing attackers to execute arbitrary commands.
The vulnerability of the microprogrammed Wi-Fi router software from NETGEAR, including models R6260, R6800, R6700v2, R6900v2, R7450, and AC2100, lies in the fact that data is written beyond the buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2021-34980
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. When parsing the SOAPLOGINTOKEN...
CVE-2021-34980
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. When parsing the SOAPLOGINTOKEN...
CVE-2021-34979
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction...
CVE-2021-34980
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 1.1.0.781.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. When parsing the SOAPLOGINTOKEN...
CVE-2021-34979
CVE-2021-34979 affects NETGEAR R6260 routers (firmware around 1.1.0.78_1.0.1 as cited). The root cause is improper validation of the length of user-supplied data in the handling of SOAP requests, specifically when parsing the SOAPAction header, leading to a fixed-buffer overflow in mini_httpd. Th...