CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-42685

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.1463EPSS

Exploits0References2

BDU FSTEC•added 2024/11/19 12:0 a.m.•4 views

The vulnerability in the password.cgi script of Netgear R8500 router software allows a hacker to execute arbitrary commands.

The vulnerability in the password.cgi script of Netgear R8500 router microprogramming software exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by...

8CVSS5.8AI score0.00713EPSS

Exploits0References5Affected Software1

OSV•added 2024/11/05 3:15 p.m.•2 views

CVE-2024-50999

Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the sysNewPasswd parameter at password.cgi. This vulnerability allows attackers to execute arbitrary OS commands via a crafted request...

5.7CVSS6AI score0.00713EPSS

Exploits0References2

Positive Technologies•added 2024/11/05 12:0 a.m.•3 views

PT-2024-8320 · NetGear · Netgear R8500

Name of the Vulnerable Software and Affected Versions: Netgear R8500 version 1.0.2.160 Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This allows a remote attacker to execute arbitrary commands by sending a specially...

7.7CVSS7.8AI score0.00713EPSS

Exploits0References8

Cvelist•added 2024/11/05 12:0 a.m.•14 views

CVE-2024-50999

0.00713EPSS

Exploits0References2

CNNVD•added 2024/11/05 12:0 a.m.•4 views

NETGEAR R8500 安全漏洞

NETGEAR R8500 is a wireless router from NETGEAR. A security vulnerability exists in NETGEAR R8500 version v1.0.2.160, which originates from the sysNewPasswd parameter in the password.cgi component containing a command injection vulnerability...

5.7CVSS7.4AI score0.00713EPSS

Exploits0References2

OSV•added 2023/08/07 7:15 p.m.•5 views

CVE-2023-38925

Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the httppasswd parameter in password.cgi...

8.8CVSS6AI score0.1463EPSS

Exploits0References2

ATTACKERKB•added 2023/08/07 7:15 p.m.•2 views

CVE-2023-38925

Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the httppasswd parameter in password.cgi...

8.8CVSS7.7AI score0.1463EPSS

Exploits0References3

NVD•added 2023/08/07 7:15 p.m.•13 views

CVE-2023-38925

Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the httppasswd parameter in password.cgi...

8.8CVSS9.1AI score0.1463EPSS

Exploits0References2

Prion•added 2023/08/07 7:15 p.m.•21 views

Buffer overflow

Netgear DC112A 1.0.0.64, EX6200 1.0.3.94 and R6300v2 1.0.4.8 were discovered to contain a buffer overflow via the httppasswd parameter in password.cgi...

6.5CVSS9AI score0.1463EPSS

Exploits0References2Affected Software3

Positive Technologies•added 2023/08/07 12:0 a.m.•4 views

PT-2023-26689 · NetGear · Netgear R6300V2 +2

Name of the Vulnerable Software and Affected Versions: Netgear DC112A version 1.0.0.64 Netgear EX6200 version 1.0.3.94 Netgear R6300v2 version 1.0.4.8 Description: A buffer overflow issue was discovered via the http passwd parameter in password.cgi. This issue affects Netgear devices...

8.8CVSS8.7AI score0.1463EPSS

Exploits0References4

CNVD•added 2022/03/29 12:0 a.m.•12 views

NETGEAR R8500 Command Injection Vulnerability

The NETGEAR R8500 is a wireless router from the American company Netgear. A security vulnerability exists in the NETGEAR R8500, which can be exploited by an attacker to execute arbitrary commands e.g. telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters of...

9CVSS7.7AI score0.029EPSS

Exploits1References1

OSV•added 2022/03/26 5:15 p.m.•2 views

CVE-2022-27945

NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands such as telnetd via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi...

8.8CVSS6AI score0.029EPSS

Exploits1References1

ATTACKERKB•added 2022/03/26 5:15 p.m.•2 views

CVE-2022-27945

9CVSS7.5AI score0.029EPSS

Exploits1References2

NVD•added 2022/03/26 5:15 p.m.•13 views

CVE-2022-27945

9CVSS0.029EPSS

Exploits1References1

Prion•added 2022/03/26 5:15 p.m.•13 views

Command injection

9CVSS8.7AI score0.029EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/03/26 4:13 p.m.•15 views

CVE-2022-27945

9AI score0.029EPSS

Exploits1References1

CNNVD•added 2022/03/26 12:0 a.m.•2 views

NETGEAR R8500 操作系统命令注入漏洞

9CVSS6.1AI score0.029EPSS

Exploits1References2

Prion•added 2017/09/17 7:29 p.m.•16 views

Authentication flaw

An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi,...

10CVSS9.6AI score0.14786EPSS

Exploits6References2Affected Software1

OSV•added 2017/03/09 9:59 a.m.•3 views

CVE-2017-6558

iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file...

9.8CVSS5.9AI score0.15265EPSS

Exploits3References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by