14 matches found
EUVD-2013-7265
Malware in sbrugna...
Netgear DGN2200B Code Execution Vulnerability
The Netgear DGN2200B is a wireless router from Netgear USA. A code execution vulnerability exists in Netgear DGN2200B 1.0.0.36 and earlier versions, which stems from insufficient pppoe.cgi endpoint input cleanup, and can be exploited by an attacker to potentially cause remote code execution...
CVE-2013-10060
An authenticated OS command injection vulnerability exists in Netgear routers tested on the DGN2200B model firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoeusername parameter. Thi...
CVE-2013-10060 Netgear Routers pppoe.cgi RCE
An authenticated OS command injection vulnerability exists in Netgear routers tested on the DGN2200B model firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoeusername parameter. Thi...
CVE-2013-10060 Netgear Routers pppoe.cgi RCE
An authenticated OS command injection vulnerability exists in Netgear routers tested on the DGN2200B model firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoeusername parameter. Thi...
CVE-2013-10060
Netgear DGN2200B routers are affected by an authenticated OS command injection flaw in the pppoe.cgi endpoint (pppoe_username input) affecting firmware 1.0.0.36 and earlier. The root cause is insufficient input cleanup in pppoe.cgi, allowing remote code execution with valid credentials and full d...
CVE-2024-51011
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
The vulnerability in the pppoe.cgi script of NETGEAR R7000P router software allows a hacker to induce a service failure.
The vulnerability in the pppoe.cgi script of NETGEAR R7000P router software is related to buffer overflows in the stack when processing the pppoelocalnetmask parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted POST request...
NETGEAR R7000P pppoe.cgi component buffer overflow vulnerability
The NETGEAR R7000P is a wireless router from NETGEAR. A buffer overflow vulnerability exists in NETGEAR R7000P v1.3.3.154, which originates from the ppppoelocalnetmask parameter in the ppppoe.cgi component that fails to correctly validate the length of the input data, and can be exploited by a...
CVE-2024-51019
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pppoelocalnetmask parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-51011
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoelocalip parameter at pppoe.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
NETGEAR XR300、NETGEAR R7000P和NETGEAR R6400v2 安全漏洞
NETGEAR R6400v2 and others are products of NETGEAR USA.NETGEAR R6400v2 is a router.NETGEAR R7000P is a wireless router.NETGEAR XR300 is a wireless router. A security vulnerability exists in NETGEAR XR300 version v1.0.3.78, R7000P version v1.3.3.154, and R6400v2 version 1.0.4.128, which stems from...
CVE-2024-51019
Netgear R7000P v1.3.3.154 contains a stack overflow in the pppoe.cgi component triggered by the pppoe_localnetmask parameter. A crafted POST request can cause a Denial of Service (DoS). Public sources diverge on whether arbitrary code execution is possible; several CNVD/Red Hat/NVD variants descr...
Authentication flaw
An authentication bypass vulnerability on UTStar WA3002G4 ADSL Broadband Modem WA3002G4-0021.01 devices allows attackers to directly access administrative settings and obtain cleartext credentials from HTML source, as demonstrated by info.cgi, upload.cgi, backupsettings.cgi, pppoe.cgi,...