76 matches found
EUVD-2025-12724
Malicious code in bioql PyPI...
EUVD-2025-12714
Malicious code in bioql PyPI...
EUVD-2025-12712
Malicious code in bioql PyPI...
EUVD-2025-12716
Malicious code in bioql PyPI...
The vulnerability of the cmd_wireless() function in Netgear’s JWNR2000v2 router software allows a hacker to execute arbitrary commands.
The vulnerability of the cmdwireless function in Netgear JWNR2000v2 router microprogramming software is related to the lack of data cleaning measures at the control level when processing the host parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
The vulnerability of the sub_435E04() function in Netgear JWNR2000v2 software allows a hacker to execute arbitrary commands.
The vulnerability of the sub435E04 function in Netgear JWNR2000v2 microprogrammed software lies in the lack of measures taken to clean data at the control level when processing the host parameter. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...
The vulnerability of the get_cur_lang_ver() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getcurlangver function in Netgear JWNR2000v2 router microprogramming software is related to the copying of buffers without checking the size of the input data when processing the host parameter. Exploiting this vulnerability can allow an attacker to compromise the...
The vulnerability of the sub_4238E8() function in Netgear JWNR2000v2 microprogrammed software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the sub4238E8 function in Netgear JWNR2000v2 microprogrammed software lies in the copying of buffers without checking the size of the input data when processing the host parameter. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity,...
The vulnerability of the check_language_file() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the checklanguagefile function in Netgear JWNR2000v2 router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
CVE-2023-39550
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the checkauth function...
CVE-2023-38922
Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the httppasswd and httpusername parameters in the updateauth function...
NETGEAR JWNR2000v2 get_cur_lang_ver function buffer overflow vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that originates from the getcurlangver function parameter host failing to correctly validate the length of the input data, which can be exploited by an attacker to execute...
NETGEAR JWNR2000v2 default_version_is_new function buffer overflow vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that originates from the defaultversionisnew function parameter host failing to correctly validate the length of the input data, which can be exploited by an attacker to...
NETGEAR JWNR2000v2 cmd_wireless function command injection vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a command injection vulnerability that stems from the cmdwireless function parameter host failing to properly filter constructor command special characters, commands, and so on. No details of the...
NETGEAR JWNR2000v2 sub_435E04 Function Command Injection Vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a command injection vulnerability that stems from the sub435E04 function parameter host failing to correctly filter constructor command special characters, commands, and so on. No details of the...
NETGEAR JWNR2000v2 sub_41A914 function buffer overflow vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that stems from the sub41A914 function parameter host failing to correctly validate the length size of the input data, no detailed vulnerability details are provided at th...
NETGEAR JWNR2000v2 check_language_file function buffer overflow vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that originates from the checklanguagefile function parameter host failing to properly validate the length of input data, which can be exploited by an attacker to execute...
NETGEAR JWNR2000v2 sub_4238E8 function buffer overflow vulnerability
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that originates from the sub4238E8 function's parameter host failing to correctly validate the length of the input data, which can be exploited by an attacker to execute...
CVE-2025-4121
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmdwireless. The manipulation of the argument host leads to command injection. The attack can be launched remotely. The vendor was contacted early about this...
CVE-2025-4122
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub435E04. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure bu...