Netgear R6850 V1.1.0.88 - Command Injection

Netgear R6850 router firmware version V1.1.0.88 suffers from a command injection vulnerability in the pingtest functionality. An unauthenticated attacker can inject arbitrary system commands through the c4IPAddr parameter, resulting in remote code execution as root. id: CVE-2024-30568 info: name:...

Netgear R6850 - Information Disclosure

Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the debuginfo.htm page. This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as product model name, WAN connection type, and...

Netgear R6850 - Information Disclosure

Netgear R6850 router firmware version V1.1.0.88 contains an information leakage vulnerability in the currentsetting.htm page.This hidden interface is not protected by authentication, allowing unauthenticated attackers to access sensitive informationsuch as firmware version, model details,...

EUVD-2025-93461

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...

CVE-2025-12942

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...

CVE-2025-12942

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...

CVE-2025-12942

CVE-2025-12942 affects NETGEAR R6260 and R6850 hardware: improper input validation allows unauthenticated LAN-connected attackers to perform MiTM attacks and gain control over the DNS Server, potentially enabling command execution. Affected versions are up to 1.1.0.86 for both models. According t...

CVE-2025-12942 Improper input validation in NETGEAR R6260 and R6850

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...

CVE-2025-12942 Improper input validation in NETGEAR R6260 and R6850

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...

PT-2025-46370

Name of the Vulnerable Software and Affected Versions NETGEAR R6260 versions through 1.1.0.86 NETGEAR R6850 versions through 1.1.0.86 Description A flaw exists in input validation within NETGEAR R6260 and R6850 devices. This allows unauthenticated attackers on the LAN to conduct Man-in-the-Middle...

NETGEAR R6260和NETGEAR R6850 安全漏洞

NETGEAR R6260 and NETGEAR R6850 are both products of NETGEAR, Inc.NETGEAR R6260 is a router. A hardware device that connects two or more networks and acts as a gateway between networks.The NETGEAR R6850 is a wireless router. A security vulnerability exists in the NETGEAR R6260 and NETGEAR R6850...

EUVD-2024-28491

Malicious code in bioql PyPI...

CVE-2024-30571

An information leak in the BRStop.html component of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required...

CVE-2024-30568

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter...

CVE-2024-30570

An information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication required...

CVE-2024-30572

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the ntpserver parameter...

NETGEAR R6850 ntp_server Parameter Command Injection Vulnerability

The NETGEAR R6850 is a wireless router from NETGEAR. The NETGEAR R6850 suffers from a command injection vulnerability that stems from the ntpserver parameter failing to properly filter constructed command special characters, commands, and so on. An attacker can exploit this vulnerability to cause...

NETGEAR R6850 c4-IPAddr Parameter Command Injection Vulnerability

The NETGEAR R6850 is a wireless router from NETGEAR. The NETGEAR R6850 suffers from a command injection vulnerability that stems from the c4-IPAddr parameter failing to properly filter constructed command special characters, commands, and so on. An attacker can exploit this vulnerability to cause...

Netgear R6850 BRS_top.html File Information Disclosure Vulnerability

The Netgear R6850 is a wireless router from NETGEAR. The Netgear R6850 suffers from an information disclosure vulnerability that originates from insufficient protection of sensitive information in the BRStop.html component, which can be exploited by an attacker to obtain sensitive information...

Netgear R6850 currentsetting.htm file information disclosure vulnerability

The Netgear R6850 is a wireless router from NETGEAR. The Netgear R6850 suffers from an information disclosure vulnerability that originates from insufficient protection of sensitive information in currentsetting.htm, which can be exploited by an attacker to obtain sensitive information...