Lucene search
+L

281 matches found

NVD
NVD
added 5 days ago11 views

CVE-2026-62658

A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to the device to run unauthorized commands or code on the router...

5.7CVSS0.00193EPSS
Exploits0References5
NVD
NVD
added 5 days ago10 views

CVE-2026-62657

A security flaw in the router's certificate validation process was discovered in the NETGEAR XR1000 Gaming Router and certain Nighthawk models that could allow an unauthorized person to remotely access and take control of the device...

7.6CVSS0.00105EPSS
Exploits0References5
CVE
CVE
added 5 days ago8 views

CVE-2026-62657

CVE-2026-62657 concerns a certificate validation flaw in NETGEAR XR1000 Gaming Router and certain Nighthawk models. The issue could allow an unauthenticated attacker to remotely access and take control of the device due to weaknesses in certificate validation. The sources identify affected device...

7.6CVSS6.1AI score0.00105EPSS
Exploits0References5
CVE
CVE
added 5 days ago6 views

CVE-2026-62658

NETGEAR Nighthawk RAX series routers (RAX45, RAX43, RAX50, RAX54sv2) are affected by CVE-2026-62658, a post-authentication vulnerability that could allow a logged-in user to execute arbitrary commands or code on the device. The CVSS 4.0 base score is 5.7 (MEDIUM) with high integrity impact and ad...

5.7CVSS6.2AI score0.00193EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/09 3:50 p.m.10 views

CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/06/09 3:50 p.m.36 views

CVE-2026-0413 Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

A buffer overflow vulnerability due to insufficient input validation in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS0.00323EPSS
Exploits0References15
CVE
CVE
added 2026/06/09 3:50 p.m.38 views

CVE-2026-0413

The CVE-2026-0413 entry covers a buffer overflow caused by insufficient input validation in certain NETGEAR Nighthawk routers. Affected: NETGEAR Nighthawk models referenced in the entry (routers listed in the references). Vulnerable condition: buffers not properly validated, enabling an authentic...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References15Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/13 4:0 p.m.5 views

CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...

8.6CVSS6.8AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/13 4:0 p.m.29 views

CVE-2026-0406 Insufficient input validation in NETGEAR Nighthawk router XR1000v2

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections...

8.6CVSS0.00221EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.9 views

CVE-2022-37234

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.13410.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy...

7.8CVSS7.3AI score0.00513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.5 views

CVE-2022-37235

Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.13410.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncat...

9.8CVSS7.2AI score0.00982EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.9 views

CVE-2021-27251

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability The specific flaw exists within handling of firmware updates. The issue results from a fallback to a...

8.8CVSS7.3AI score0.00731EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.25 views

CVE-2019-12510

In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API "/soap/serversa" by supplying a malicious X-Forwarded-For header of the device's LAN IP address 192.168.1.1 in every request. As a result, an attacker may...

9.1CVSS7AI score0.00729EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.10 views

CVE-2019-12511

In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...

9.8CVSS8.5AI score0.02324EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/12/10 5:17 p.m.8 views

CVE-2025-12945

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

4.8CVSS7.1AI score0.01686EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.7 views

EUVD-2025-202284

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

4.8CVSS6.6AI score0.01686EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202283

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

7.3CVSS6.8AI score0.00271EPSS
Exploits0References19
NVD
NVD
added 2025/12/09 5:15 p.m.9 views

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

7.5CVSS0.00271EPSS
Exploits0References18
OSV
OSV
added 2025/12/09 5:15 p.m.6 views

CVE-2025-12945

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

7.2CVSS5.8AI score0.01686EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 5:15 p.m.9 views

CVE-2025-12945

A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. This issue affects R7000P: through 1.3.3.154...

7.2CVSS0.01686EPSS
Exploits0References2
Rows per page
Query Builder