CVE-2024-8882

A buffer overflow vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80AAHN.1C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service DoS conditions via a crafted URL...

PT-2024-8145 · Zyxel · Zyxel Gs1900-48

Name of the Vulnerable Software and Affected Versions: Zyxel GS1900-48 switch firmware version V2.80AAHN.1C0 and earlier Description: A buffer overflow vulnerability in the CGI program could allow an authenticated, LAN-based attacker with administrator privileges to cause denial of service DoS...

NETGEAR R8500 genie_fix2.cgi Component Command Injection Vulnerability

The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the wangateway parameter in the geniefix2.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...

CVE-2024-52023

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at pppoe2.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-52019

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-52020

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at wizfix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-52014

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptpuserip parameter at geniepptp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51021

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-51017

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the l2tpusernetmask parameter at l2tp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51018

Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptpusernetmask parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2024-51021

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wangateway parameter at geniefix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

CVE-2024-50997

Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptpuserip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

PT-2024-8254 · NetGear · Netgear R6400 +3

Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Netgear XR300 version 1.0.3.78 Netgear R7000P version 1.3.3.154 Netgear R6400 v2 version 1.0.4.128 Description: The issue is related to a stack overflow vulnerability in the bsw pptp.cgi script of Netgear...

NETGEAR R7000P 安全漏洞

The NETGEAR R7000P is a wireless router from NETGEAR. A command injection vulnerability exists in NETGEAR R7000P v1.3.3.154, which stems from the devicename2 parameter in the operationmode.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...

NETGEAR XR300、NETGEAR R7000P和NETGEAR R6400v2 安全漏洞

NETGEAR R6400v2 and others are products of NETGEAR USA.NETGEAR R6400v2 is a router.NETGEAR R7000P is a wireless router.NETGEAR XR300 is a wireless router. A security vulnerability exists in NETGEAR XR300 version v1.0.3.78, R7000P version v1.3.3.154, and R6400v2 version 1.0.4.128, which stems from...

NETGEAR XR300 安全漏洞

The NETGEAR XR300 is a wireless router from NETGEAR. NETGEAR XR300 version v1.0.3.78 suffers from a command injection vulnerability that stems from the systemname parameter in the wizdyn.cgi component failing to properly filter constructed command special characters, commands, and so on. An...

NETGEAR R8500 安全漏洞

NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in NETGEAR R8500 version v1.0.2.160 and R7000P version v1.3.3.154, which originates from the usbdevice.cgi component that contains multiple buffer overflow vulnerabilities in cifsuser, readaccess, and writeaccess...

CVE-2024-52020

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the wangateway parameter at wizfix2.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

NETGEAR R8500 安全漏洞

NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR R8500 version v1.0.2.160, which stems from the wangateway parameter in the wizfix2.cgi component containing a command injection vulnerability...

NETGEAR R8500 安全漏洞

The NETGEAR R8500 is a wireless router from NETGEAR. A command injection vulnerability exists in the NETGEAR R8500 v1.0.2.160, which stems from the wangateway parameter in the geniefix2.cgi component failing to correctly filter constructed command special characters, commands, and so on. An...