CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of NETGEAR’s microprogrammed router products such as D6220, D8500, R6700, and R6900 lies in the lack of measures to sanitize input data. This allows attackers to exploit their privileges and execute arbitrary commands.

The vulnerability of NETGEAR’s microprogrammed router models D6220, D8500, R6700, and R6900 lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a remote attacker to enhance their privileges and execute arbitrary commands...

10CVSS7.9AI score0.03096EPSS

Exploits1References3Affected Software4

ATTACKERKB•added 2023/06/06 2:15 p.m.•2 views

CVE-2023-33533

Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request...

8.8CVSS7.4AI score0.03096EPSS

Exploits1References3

Prion•added 2023/06/06 2:15 p.m.•21 views

Command injection

6.5CVSS8.8AI score0.03096EPSS

Exploits1References2Affected Software4

CNNVD•added 2023/06/06 12:0 a.m.•3 views

Netgear Router 命令注入漏洞

NETGEAR is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. A security vulnerability exists in Netgear Router that stems from the presence of a command injection vulnerability. An attacker can exploit this...

8.8CVSS8.1AI score0.03096EPSS

Exploits1References3

CVE•added 2023/06/06 12:0 a.m.•64 views

CVE-2023-33533

CVE-2023-33533 affects Netgear D6220 (1.0.0.80), D8500 (1.0.3.60), R6700 (1.0.2.26), and R6900 (1.0.2.26). The root cause is lack of input data sanitization in the firmware’s web management post parameters, enabling command injection. If an attacker has web management privileges, they can inject ...

8.8CVSS8.8AI score0.03096EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2023/05/22 12:0 a.m.•3 views

PT-2023-3101 · NetGear · Netgear R6700 +3

Name of the Vulnerable Software and Affected Versions: Netgear D6220 version 1.0.0.80 Netgear D8500 version 1.0.3.60 Netgear R6700 version 1.0.2.26 Netgear R6900 version 1.0.2.26 Description: The issue is related to the lack of input data sanitization in the firmware of Netgear routers. This allo...

10CVSS7.8AI score0.03096EPSS

Exploits1References7

BDU FSTEC•added 2022/03/04 12:0 a.m.•5 views

The vulnerability of NETGEAR D6220 router’s built-in software lies in the lack of measures to sanitize input data, allowing attackers to execute arbitrary commands.

The vulnerability of NETGEAR D6220 router’s built-in software lies in the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS8AI score0.01276EPSS

Exploits0References3Affected Software1

BDU FSTEC•added 2022/01/25 12:0 a.m.•4 views

The vulnerability of NETGEAR’s Wi-Fi router software models D3600, D6000, D6200, and D6220 lies in the insufficient protection of operational data, allowing attackers to compromise the integrity and accessibility of protected information.

The vulnerability of Wi-Fi router microprogramming systems from NETGEAR models D3600, D6000, D6200, and D6220 lies in the insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

4.6CVSS7.6AI score0.00689EPSS

Exploits0References4Affected Software49

CNVD•added 2022/01/17 12:0 a.m.•17 views

NETGEAR D6220 Command Injection Vulnerability

NETGEAR D6220 is a wireless modem from Netgear, Inc. A security vulnerability exists in the NETGEAR D6220 device, which stems from the fact that versions prior to 1.0.0.76 are subject to command injection by authenticated users, which can be exploited by attackers for command injection...

8.8CVSS4.6AI score0.01276EPSS

Exploits0References1

OSV•added 2021/12/26 1:15 a.m.•3 views

CVE-2021-45638

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.74, D8500 before 1.0.3.60, DC112A before 1.0.0.56, R6300v2 before 1.0.4.50, R6400 before 1.0.1.68, R7000 before...

9.8CVSS7.7AI score0.01474EPSS

Exploits0References1

OSV•added 2021/12/26 1:15 a.m.•2 views

CVE-2021-45550

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6100 before 1.0.0.63, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7800 before 1.0.1.56, D8500 before 1.0.3.44, DGN2200Bv4 before 1.0.0.109, DGN2200v4...

6.8CVSS6.7AI score0.00569EPSS

Exploits0References1

ATTACKERKB•added 2021/12/26 1:15 a.m.•2 views

CVE-2021-45531

NETGEAR D6220 devices before 1.0.0.76 are affected by command injection by an authenticated user...

8.8CVSS5.3AI score0.01276EPSS

Exploits0References2

OSV•added 2021/12/26 1:15 a.m.•3 views

CVE-2021-45531

NETGEAR D6220 devices before 1.0.0.76 are affected by command injection by an authenticated user...

8.8CVSS5.8AI score0.01276EPSS

Exploits0References1