12042 matches found
Undocumented "TelnetEnable" functionality of End of Service NETGEAR products
Overview Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box. Inclusion of Undocumented Features or Chicken Bits CWE-1242 - CVE-2026-24714 Misato Ito, Daichi Uezono, Ryu Kuki, Iwaki Miyamoto, Takayuki Sasaki,...
CVE-2026-24714
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...
EUVD-2026-5018
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...
CVE-2026-24714
The CVE-2026-24714 entry concerns end-of-service NETGEAR devices (notably PR2000) that expose an undocumented TelnetEnable feature. A magic packet on the LAN can activate the Telnet service, enabling interactive access. The Red Hat/NVD/JVN/CIRCL and CVE records confirm the existence of this funct...
CVE-2026-24714
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...
CVE-2026-24714
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...
NETGEAR PR2000 security vulnerabilities
NETGEAR PR2000 is a wireless router produced by NETGEAR, a company in the United States. The NETGEAR PR2000 has a security vulnerability, which stems from a flaw in the TelnetEnable function...
PT-2026-5376
Name of the Vulnerable Software and Affected Versions NETGEAR affected versions not specified Description Certain end-of-service NETGEAR products feature a “TelnetEnable” functionality. This functionality permits a magic packet to activate the telnet service on the device, potentially leading to...
CVE-2022-40619
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...
CVE-2022-40620
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...
CVE-2022-40620
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...
CVE-2022-40619
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...
CVE-2022-40619
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...
CVE-2022-40620
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...
CVE-2022-40620
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...
NETGEAR’s various products have security vulnerabilities
NETGEAR R6260 is a product of the American company NETGEAR. The NETGEAR R6260 is a router. The NETGEAR R6230 is also a router. Netgear R7000 is another product of NETGEAR. The Netgear R7000 is a wireless router. Several NETGEAR products have security vulnerabilities, which stem from the unvalidat...
CVE-2022-40619
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...
NETGEAR’s various products have security vulnerabilities
NETGEAR R6260 is a product of the American company NETGEAR. The NETGEAR R6260 is a router. The NETGEAR R6230 is also a router. Netgear R7000 is another product of NETGEAR. The Netgear R7000 is a wireless router. Several NETGEAR products have security vulnerabilities. These vulnerabilities stem fr...
CVE-2022-40619
CVE-2022-40619 affects NETGEAR devices where the FunJSQ module exposes an HTTP server on the LAN and allows unauthenticated arbitrary command injection via the funjsq_access_token parameter. Affected devices/versions include R6230 < 1.1.0.112, R6260 < 1.1.0.88, R7000 < 1.0.11.134, R8900 ...
CVE-2022-40619
FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...