CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of the embedded software of Netgear XR1000, Netgear XR1000v2, and Netgear XR500 lies in improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of the embedded software on Netgear XR1000, Netgear XR1000v2, and Netgear XR500 is related to incorrect code generation. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

8.1CVSS6AI score0.04978EPSS

Exploits0References2Affected Software3

CNNVD•added 2025/02/05 12:0 a.m.•3 views

NETGEAR XR1000和NETGEAR XR500 安全漏洞

NETGEAR XR500 and NETGEAR XR1000 are both products of NETGEAR Corporation.NETGEAR XR500 is a wireless router.NETGEAR XR1000 is a dual-band Wi-Fi 6 router designed for gaming. A security vulnerability exists in the NETGEAR XR1000 prior to version 1.0.0.74, the XR1000v2 prior to version 1.1.0.22, a...

8.1CVSS7AI score0.04978EPSS

Exploits0References1

Vulnrichment•added 2025/02/05 12:0 a.m.•3 views

CVE-2025-25246

NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users...

8.1CVSS8.6AI score0.04978EPSS

Exploits0References1

Cvelist•added 2025/02/05 12:0 a.m.•8 views

CVE-2025-25246

NETGEAR XR1000 before 1.0.0.74, XR1000v2 before 1.1.0.22, and XR500 before 2.3.2.134 allow remote code execution by unauthenticated users...

8.1CVSS0.04978EPSS

Exploits0References1

BDU FSTEC•added 2023/01/31 12:0 a.m.•1 views

The vulnerability of NETGEAR XR450 and XR500 Wi-Fi routers’ built-in software lies in the lack of measures taken to clean data at the management level, allowing attackers to execute arbitrary commands.

The vulnerability of NETGEAR XR450 and XR500 Wi-Fi routers’ built-in software relates to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted data remotely...

7CVSS5.8AI score

Exploits0References1Affected Software2

OSV•added 2021/12/26 1:15 a.m.•2 views

CVE-2021-45623

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R7800 before 1.0.2.74, R9000 before 1.0.5.2, and XR500 before 2.3.2.66...

9.8CVSS5.8AI score0.01614EPSS

Exploits0References1

OSV•added 2021/03/23 7:15 a.m.•2 views

CVE-2021-29069

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76...

8.4CVSS7.3AI score0.00081EPSS

Exploits0References1

CNNVD•added 2021/03/23 12:0 a.m.•3 views

多款Netgear产品命令注入漏洞

Netgear NETGEAR XR500 and others are products of Netgear, Inc.NETGEAR XR500 is a wireless router.NETGEAR WNR2000v5 is a router.NETGEAR XR450 is a router. A command injection vulnerability exists in multiple NETGEAR models that allows command injection by an authenticated user. The following...

8.4CVSS7.8AI score0.00081EPSS

Exploits0References2

OSV•added 2020/12/30 12:15 a.m.•2 views

CVE-2020-35835

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, XR500 before 2.3.2.56, and XR700 before 1.0.1.10...

4.8CVSS5.8AI score0.00403EPSS

Exploits0References1

OSV•added 2020/12/30 12:15 a.m.•2 views

CVE-2020-35809

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56,...

4.8CVSS5.8AI score0.00262EPSS

Exploits0References1

CNVD•added 2020/04/23 12:0 a.m.•2 views

NETGEAR XR500 Code Execution Vulnerability

The NETGEAR XR500 is a wireless router from NETGEAR. A code execution vulnerability exists in NETGEAR XR500 versions prior to 2.3.2.32, which can be exploited by an attacker to execute code...

8.8CVSS7.7AI score0.00297EPSS

Exploits0References1

CNVD•added 2020/04/23 12:0 a.m.•2 views

NETGEAR XR500 Input Validation Error Vulnerability

The NETGEAR XR500 is a wireless router from NETGEAR. An input validation error vulnerability exists in NETGEAR XR500 versions prior to 2.3.2.32, which can be exploited by an attacker to execute code...

8.8CVSS7.1AI score0.00297EPSS

Exploits0References1

CNVD•added 2020/04/23 12:0 a.m.•6 views

NETGEAR XR500 License Issue Vulnerability

The NETGEAR XR500 is a wireless router from NETGEAR. A security vulnerability exists in NETGEAR XR500 versions prior to 2.3.2.32. An attacker could exploit the vulnerability to bypass authentication...

8.8CVSS6.7AI score0.00122EPSS

Exploits0References1

CNVD•added 2020/04/23 12:0 a.m.•3 views

NETGEAR XR500 Code Execution Vulnerability

The NETGEAR XR500 is a wireless router from NETGEAR. A security vulnerability exists in NETGEAR XR500 versions prior to 2.3.2.32. The vulnerability can be exploited by an attacker to execute code via the traceroute handler...

8.8CVSS7.3AI score0.00239EPSS

Exploits0References1

OSV•added 2020/04/22 4:15 p.m.•3 views

CVE-2018-21118

NETGEAR XR500 devices before 2.3.2.32 are affected by authentication bypass...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2020/04/22 3:15 p.m.•2 views

CVE-2018-21115

NETGEAR XR500 devices before 2.3.2.32 are affected by remote code execution by unauthenticated attackers...

8.8CVSS6.3AI score

Exploits0References1