121 matches found
The vulnerability of the web interface of microprogramming software for Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the web interface of microprogramming software for Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service failures...
The vulnerability of the Plug and Play service and the web interface for controlling microprogrammed wireless routers such as Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W allows a malicious actor to execute arbitrary code or cause a service failure.
The vulnerability of the Plug and Play service and the web interface for controlling microprogrammed wireless routers such as Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W exists due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to...
CVE-2021-1154
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. The vulnerabilities are due to insufficient...
Cisco Small Business 跨站脚本漏洞
The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A stored cross-site scripting vulnerability exists in the Web management interface of the Cisco...
CVE-2020-35842
Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before 1.0.1.24, R6080 before 1.0.0.42, R6120 before 1.0.0.66, R6220 before...
Information Disclosure Vulnerability in Multiple Netgear Products
Netgear NETGEAR RBK752 and others are products of Netgear, Inc.NETGEAR RBK752 is a home WiFi system.NETGEAR RBK852 is a router.NETGEAR RBR850 is a router.NETGEAR RBK752 is a home WiFi system.NETGEAR RBK752 is a home WiFi system.NETGEAR RBK852 is a home WiFi system.NETGEAR RBK752 is a home WiFi...
Cross-Site Scripting Vulnerability in Multiple Netgear Products
Netgear NETGEAR R8900 and others are products of Netgear, Inc.NETGEAR R8900 is a wireless router.NETGEAR R9000 is a wireless router.NETGEAR XR500 is a wireless router. A cross-site scripting vulnerability exists in Certain NETGEAR devices and affects the following products and versions: D7800...
Netgear Won't Patch 45 Router Models Vulnerable to Serious Flaw
UPDATE Netgear will not patch 45 router models that are vulnerable to a high-severity remote code execution flaw, the router company revealed last week. However, the company says that routers that won’t receive updates are outdated or have reached EOL End of Life. The remote code execution...
Netgear Zero-Day Allows Full Takeover of Dozens of Router Models
UPDATED Researchers this week said they discovered an unpatched, zero-day vulnerability in firmware for Netgear routers that put 79 device models at risk for full takeover, they said. Netgear has since issued several hot fixes, available here. The flaw, a memory-safety issue present in the...
Buffer Overflow Vulnerability in Multiple NETGEAR Products (CNVD-2020-25841)
NETGEAR R6700 and others are products of NETGEAR, Inc.NETGEAR R6700 is a wireless router.NETGEAR D6200 is a wireless modem.NETGEAR R6800 is a wireless router.NETGEAR R6800 is a wireless router. A buffer overflow vulnerability exists in multiple NETGEAR products, which can be exploited by an...
Stack overflow
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10,...
Stack overflow
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10,...
CVE-2017-18850
Certain NETGEAR devices are affected by authentication bypass. This affects D6220 before 1.0.0.26, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.12, R6400 before 1.01.24, R6400v2 before 1.0.2.30, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R6900P before 1.0.0.56, R7000 before...
CVE-2019-20706
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32...
CVE-2019-20671
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30...
The vulnerability of the web interface of Cisco Small Business router microprogramming software models 200, 300, and 500 allows a hacker to cause a service failure.
The vulnerability of the web interface of Cisco Small Business router microprogramming software models 200, 300, and 500 exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by sending specially crafted requests...
CVE-2019-19824
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device’s internals. This affects A3002RU through...
The vulnerability of the /etc/passwd file in Cisco Small Business router microprogramming devices series 250, 350, 350X, and 550X allows a hacker to elevate their privileges to the root level.
The vulnerability of the /etc/passwd file in Cisco Small Business routers of the 250, 350, 350X, and 550X series is related to the presence of empty password entries for the root and user accounts. Exploiting this vulnerability allows a remote attacker to elevate their privileges to the root leve...
The vulnerability of the web interface of Cisco Small Business router microprogramming software models 200, 300, and 500 allows a hacker to cause a service failure.
The vulnerability of the web interface of Cisco Small Business router microprogramming software models 200, 300, and 500 exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending a speciall...
D-Link Administrative Password Disclosure Vulnerability
D-Link models DIR-652, DIR-615, DIR-827, DIR-615, DIR-657, and DIR-825 suffer from an administrative password disclosure vulnerability. DLink Administrative Password Disclosure Vulnerability The problem in the following models : DIR-652 DIR-615 DIR-827 DIR-615 DIR-657 DIR-825 If login to web...