CVE-2017-18865

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104...

EUVD-2017-9798

Malware in sbrugna...

CVE-2024-50993

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at adminaccount.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-51001

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the sysDNSHost parameter at ddns.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51006

Netgear R8500 v1.0.2.160 was discovered to contain a stack overflow via the ipv6staticip parameter in the ipv6tunnel function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2022-27947

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the ipv6fix.cgi ipv6wanipaddr, ipv6lanipaddr, ipv6wanlength, or ipv6lanlength parameter...

NETGEAR R8500 admin_account.cgi Component Command Injection Vulnerability

The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the sysNewPasswd parameter in the adminaccount.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...

NETGEAR R8500 ipv6_fix.cgi component ipv6_pri_dns parameter buffer overflow vulnerability

The NETGEAR R8500 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the ipv6pridns parameter in the ipv6fix.cgi component that fails to correctly validate the length of the incoming data, and can be exploited by a remote...

NETGEAR R8500 genie_fix2.cgi Component Command Injection Vulnerability

The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the wangateway parameter in the geniefix2.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...

NETGEAR R8500 openvpn.cgi component buffer overflow vulnerability

The NETGEAR R8500 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the NETGEAR R8500 v1.0.2.160, which originates from the openvpnserviceport and openvpnserviceporttun parameters in the openvpn.cgi component failing to correctly validate the length and size of the inpu...

NETGEAR多款产品 安全漏洞

NETGEAR R8500 and others are products of NETGEAR USA.NETGEAR R8500 is a wireless router.NETGEAR R6400v2 is a router.NETGEAR R7000P is a wireless router. A security vulnerability exists in NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates from t...

NETGEAR R8500、XR300、R7000P和R6400v2 安全漏洞

NETGEAR R6400v2 and others are products of NETGEAR USA.NETGEAR R6400v2 is a router.NETGEAR R7000P is a wireless router.NETGEAR XR300 is a wireless router. A security vulnerability exists in the NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates...