EUVD-2025-21453

Malicious code in bioql PyPI...

CVE-2025-52082

In Netgear XR300 V1.0.3.3810.3.30, a stack-based buffer overflow exists in the HTTPD service through the usbdevice.cgi endpoint. The vulnerability occurs when processing POST requests containing the readaccess parameter...

CVE-2025-52081

In Netgear XR300 V1.0.3.3810.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usbdevice.cgi endpoint. The vulnerability occurs when processing POST requests containing the usbfolder parameter...

CVE-2025-52080

Netgear XR300 (V1.0.3.38_10.3.30) is affected by a stack-based buffer overflow in the HTTPD service via usb_device.cgi when processing POST requests that include the share_name parameter. Documented impact is a network-accessible vulnerability with medium severity (CVSS 3.1: 6.5), but the specifi...

CVE-2025-52081

CVE-2025-52081 affects Netgear XR300 routers (V1.0.3.38_10.3.30). It is a stack-based buffer overflow in the HTTPD service triggered by POST requests to the usb_device.cgi endpoint when the usb_folder parameter is processed. The vulnerability stems from improper handling in this endpoint, enablin...

NETGEAR XR300 genie_dyn.cgi component command injection vulnerability

The NETGEAR XR300 is a wireless router from NETGEAR. A command injection vulnerability exists in NETGEAR XR300 v1.0.3.78, which stems from the systemname parameter in the geniedyn.cgi component failing to properly filter constructed command special characters, commands, and so on. An attacker cou...

NETGEAR XR300 bridge_wireless_main.cgi component passphrase parameter buffer overflow vulnerability

The NETGEAR XR300 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in NETGEAR XR300 v1.0.3.78, which originates from the passphrase parameter in the bridgewirelessmain.cgi component that fails to correctly validate the length of the input data, and can be exploited by a...

NETGEAR XR300 usb_approve.cgi component buffer overflow vulnerability

The NETGEAR XR300 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in NETGEAR XR300 v1.0.3.78, which originates from the addName%d parameter in the usbapprove.cgi component that fails to correctly validate the length of the input data, and can be exploited by a remote...

NETGEAR R8500、XR300、R7000P和R6400v2 安全漏洞

NETGEAR R6400v2 and others are products of NETGEAR USA.NETGEAR R6400v2 is a router.NETGEAR R7000P is a wireless router.NETGEAR XR300 is a wireless router. A security vulnerability exists in the NETGEAR R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128, which originates...

PT-2024-8377 · NetGear · Netgear Xr300

Name of the Vulnerable Software and Affected Versions: Netgear XR300 version 1.0.3.78 Description: The issue is related to a buffer overflow in the wireless.cgi script of the Netgear XR300 router's firmware, specifically when handling the passphrase parameter. This can be exploited by a remote...