CVE-2017-18745

Certain NETGEAR devices are affected by stored XSS. This affects R6400 before 1.0.1.14, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7100LG before 1.0.0.32, R7300DST before 1.0.0.56, R7900 before 1.0.1.12, R8000 before 1.0.3.24, and R8500 before 1.0.2.74...

CVE-2017-18765

Certain NETGEAR devices are affected by denial of service. This affects R6300v2 before 1.0.4.8, R6400 before 1.0.1.22, R6400v2 before 1.0.2.32, R6700 before 1.0.1.20, R6900 before 1.0.1.20, WNR3500Lv2 before 1.2.0.44, and WNR2000v2 before 1.2.0.8...

EUVD-2017-9792

Malware in sbrugna...

EUVD-2017-9802

Malware in sbrugna...

EUVD-2021-32294

Malicious code in bioql PyPI...

EUVD-2023-34703

Malicious code in bioql PyPI...

EUVD-2024-50626

Malicious code in bioql PyPI...

CVE-2024-12147

A vulnerability was found in Netgear R6900 1.0.1.261.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgradecheck.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The...

CVE-2021-38520

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.52, R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6700v2 before 1.2.0.62, R6900v2 before 1.2.0.62, and R7000P before 1.3.2.124...

CVE-2017-18701

Certain NETGEAR devices are affected by reflected XSS. This affects R6700 before 1.0.1.36 and R6900 before 1.0.1.34...

Netgear R6900 Buffer Overflow Vulnerability

The Netgear R6900 is a wireless router from NETGEAR. The Netgear R6900 suffers from a buffer overflow vulnerability that originates from the parameter Content-Length in the file upgradecheck.cgi that fails to properly validate the length of the input data, which can be exploited by an attacker to...

CVE-2024-12147

A vulnerability was found in Netgear R6900 1.0.1.261.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgradecheck.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The...

CVE-2024-12147

Netgear R6900 vulnerability CVE-2024-12147 affects firmware 1.0.1.26_1.0.20 in the HTTP Header Handler’s upgrade_check.cgi. The root cause is improper validation of the Content-Length parameter in upgrade_check.cgi, which leads to a buffer overflow. This is a remote, unauthenticated issue, with e...

CVE-2024-12147 Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow

A vulnerability was found in Netgear R6900 1.0.1.261.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgradecheck.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The...

CVE-2024-12147 Netgear R6900 HTTP Header upgrade_check.cgi buffer overflow

A vulnerability was found in Netgear R6900 1.0.1.261.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgradecheck.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The...

NETGEAR R6900 安全漏洞

The Netgear R6900 is a wireless router from NETGEAR. The Netgear R6900 suffers from a buffer overflow vulnerability that originates from the parameter Content-Length in the file upgradecheck.cgi that fails to properly validate the length of the input data, which can be exploited by an attacker to...

PT-2024-9998 · NetGear · Netgear R6900P

Name of the Vulnerable Software and Affected Versions: Netgear R6900 version 1.0.1.26 1.0.20 Description: A critical vulnerability has been found in the Netgear R6900 router, affecting an unknown functionality of the file upgrade check.cgi in the HTTP Header Handler component. The manipulation of...

CVE-2023-33533

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request...

Command injection

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request...

CVE-2023-33533

CVE-2023-33533 affects Netgear D6220 (1.0.0.80), D8500 (1.0.3.60), R6700 (1.0.2.26), and R6900 (1.0.2.26). The root cause is lack of input data sanitization in the firmware’s web management post parameters, enabling command injection. If an attacker has web management privileges, they can inject ...